As is so often the case, working with SSL you need to configure and test a strong authentication (SSL client authentication). In all these cases, you need to provide an ad-hoc client certificate to perform a succesful handshake.
As is so often the case, working with SSL you need to configure and test a strong authentication (SSL client authentication).
In all these cases, you need to provide an ad-hoc client certificate to perform a succesful handshake.
OpenSSL can be used to create your PKCS12 client certificate by peforming the following few steps.
- Create a new request
openssl req -new -nodes -out req.pem -keyout key.pem -days 3650 -config openssl.cnf
- Sign the request with your certification authority (CA)
openssl ca -out cert.pem -days 365 -config openssl.cnf -infiles req.pem
- Create you p12 certificate
openssl pkcs12 -export -in cert.pem -inkey key.pem -certfile cacert.pem -name "Fabio Martelli" -out cert.p12
Now you can use your cert.p12 with client application.
E.G. If your client is Firefox you can simply import your certificate as a new "personal certificate".
IMPORTANT: the target peer (the application requiring strong authentication) has to be provisioned with the CA which has signed your certificate.
Poor
