brent timothy saner on 24 Oct 2013 22:35:43 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Fwd: Openssl config question

Hash: SHA1

On 10/24/2013 09:53 PM, Michael Leone wrote:

> 1. How can I list the properties of my cert? 2. What other
> properties are there, and how do I tell openssl to include those
> other properties in the cert?

1. openssl x509 -in -text /path/to/certificate.crt
this will give you...really, all the information you can get from the
certificate itself (so what RDS would see).
(see - hands down one of the best
openssl cheatsheets. i still use it regularly)

2. just some random suggestions:

- -have you tried tweaking the encoding/encryption algo/digest? i doubt
it'd matter, but worth a shot.

- -different bit lengths- perhaps RDS only supports 1024-bit, or only
4096-bit, etc.; not primarily a windows admin so i don't know off the
top of my head.

- -you can also try adding -nodes -sha1(or whatever) after the -x509
option. the -nodes option, besides being painfully and woefully not
documented well, tends to play tons more nicely with password-less
keys and key+crt files (plus some other stuff too). the -sha1
definitely should be supported by windows. i wouldn't stick with it
for production, but it'd let you know if the problem is arising from
trying to use an unsupported digest.
Version: GnuPG v2.0.21 (GNU/Linux)
Comment: Using GnuPG with Thunderbird -

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --