I created Certificate Authority (CA) according to Ubuntu help using openssl. After creating a certificate for Apache2 and adding to certificate to it, I want to import it in Firefox. In the end of document, there is some information for adding CA certificate to Browser. Before that I should create PKCS#12 certificate using follwoing commands:
openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout mycert.pem -out mycert.pem
openssl pkcs12 -export -out mycert.pfx -in mycert.pem -name "Certificate for Whatever"
to create pfx file. But the problems is how this could relates to CA certification? For example, in the document the author generated a file called cacert.pem for CA certification and a file called cakey.pem for server private key. What is usage of the filemycert.pem?
As another note, after I runs following command:
openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout mycert.pem -out mycert.pem
I asked for entering Common Name information (like city, organization, ...). I entered some information (randomly) to the questions and finally after executing second command I produced mycert.pfx file and imported it to Firefox (as described in the end of document). But it does not recognized the .pfx file and nothing has been imported!
After that I decide to import cacert.pem and the file successfully added to list of trusted authorities:
But after importing certificate to Firefox and restarting it, When I request the page, I got This Connection is Untrusted page (meaning Firefox does not trust in my CA certificate) in the response. Where is the problem?
Aucun commentaire:
Enregistrer un commentaire