Cryptography Tutorials - Tutorial Addendum - Using Certificates with Web Browsers
| |
(Continued from antecedent part...)
Once exported, we can appearance the affidavit with OpenSSL:
>openssl x509 -in verisign.cer -inform DER -noout -text
Certificate:
Data:
Version: 1 (0x0)
Consecutive Number:
7d:d9:fe:07:cf:a8:1e:b7:10:79:67:fb:a7:89:34:c6
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=VeriSign, Inc., OU=Class 3 Accessible Primary Cer
tification Ascendancy - G2, OU=(c) 1998 VeriSign, Inc. - For authorize
d use only, OU=VeriSign Assurance Network
Validity
Not Before: May 18 00:00:00 1998 GMT
Not Afterwards : Aug 1 23:59:59 2028 GMT
Subject: C=US, O=VeriSign, Inc., OU=Class 3 Accessible Primary Cer
tification Ascendancy - G2, OU=(c) 1998 VeriSign, Inc. - For authorized
use only, OU=VeriSign Assurance Network
Accountable Accessible Key Info:
Accessible Key Algorithm: rsaEncryption
RSA Accessible Key: (1024 bit)
Modulus (1024 bit):
00:cc:5e:d1:11:5d:5c:69:d0:ab:d3:b9:6a:4c:99:
1f:59:98:30:8e:16:85:20:46:6d:47:3f:d4:85:20:
84:e1:6d:b3:f8:a4:ed:0c:f1:17:0f:3b:f9:a7:f9:
25:d7:c1:cf:84:63:f2:7c:63:cf:a2:47:f2:c6:5b:
33:8e:64:40:04:68:c1:80:b9:64:1c:45:77:c7:d8:
6e:f5:95:29:3c:50:e8:34:d7:78:1f:a8:ba:6d:43:
91:95:8f:45:57:5e:7e:c5:fb:ca:a4:04:eb:ea:97:
37:54:30:6f:bb:01:47:32:33:cd:dc:57:9b:64:69:
61:f8:9b:1d:1c:89:4f:5c:67
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
51:4d:cd:be:5c:cb:98:19:9c:15:b2:01:39:78:2e:4d:0f:67:
70:70:99:c6:10:5a:94:a4:53:4d:54:6d:2b:af:0d:5d:40:8b:
64:d3:d7:ee:de:56:61:92:5f:a6:c4:1d:10:61:36:d3:2c:27:
3c:e8:29:09:b9:11:64:74:cc:b5:73:9f:1c:48:a9:bc:61:01:
ee:e2:17:a6:0c:e3:40:08:3b:0e:e7:eb:44:73:2a:9a:f1:69:
92:ef:71:14:c3:39:ac:71:a7:91:09:6f:e4:71:06:b3:ba:59:
57:26:79:00:f6:f8:0d:a2:33:30:28:d4:aa:58:a0:9d:9d:69:
91:fd
Very nice. Right? A self-signed affidavit from VeriSign Inc., accurate until year 2028.
- A self-signed affidavit from VeriSign Inc., accurate until year 2028.
- The affidavit book architecture is DER, not PEM. You charge to use "-inform DER" with the OpenSSL
command.
Of course, we can consign the affidavit out of IE, and save it in PEM formation. Just baddest
"Base-64 encoded X.509 (.CER)" as the consign book architecture in move 7.
Importing Certificates into IE
To analysis importing certificates into IE, let s reclaim the certificates created ahead in this book.
- .crt - self-signed by .
- john.crt - active by .
- bill.crt - active by John.
- tom.crt - active by John.
Here are the accomplish to acceptation .crt into IE:
1. Accessible IE 6.0, and go to the "Tools / Internet Options..." card option. The Internet Options chat box shows up.
2. Go to the Agreeable tab, and bang the "Certificates..." button in the Certificates section.
The Certificates chat box shows up.
3. Go to "Trusted Basis Acceptance Authorities" tab, and bang the "Import..." button. The Affidavit Acceptation Astrologer shows up.
4. Clik Next, and access .crt.
5. Clik Next, then bang Finish. .crt is now alien into IE as a trusted basis certificate.
Repeat the acceptation action afresh to acceptation john.crt, bill.crt, and tom.crt into the "Intermediate Affidavit Authorities" tab.
Now if you appearance the "Tom Bush" affidavit in IE, the acceptance aisle will be displayed as
" Yang" --> "John Smith" --> "Bill White" --> "Tom Bush".
(Continued on next part...)
|
certificate, verisign, certificates, signed, import, public, certification, click, shows, openssl, algorithm, , verisign inc, crt signed, public key, certificate from verisign, signed certificate from, inc valid until, valid until year, importing certificates into, verisign trust network, primary certification authority, tutorial notes using, tutorials tutorial notes, notes using certificates, signature algorithm sha1withrsaencryption, public primary certification, cryptography tutorials tutorial, |
Text link code :
Hyper link code:
Also see ...
i(Continued from antecedent part...)/iView Certificates in FireFox1. Accessible Firefox 1.0, and go to the "Tools / Options..." card option. The Options chat box shows up. b