diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2000-03-25 02:38:28 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2000-03-25 02:38:28 +0000 |
commit | afee764c4a173e7dff52dbf59612e2418acc7cb7 (patch) | |
tree | f98eeb52cbdae79205d18ccd873f0dca58f91b64 /doc/apps/CA.pl.pod | |
parent | 2d99cee790041acbf345bc0b04ea308ce76cd092 (diff) |
Update docs.
Diffstat (limited to 'doc/apps/CA.pl.pod')
-rw-r--r-- | doc/apps/CA.pl.pod | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/doc/apps/CA.pl.pod b/doc/apps/CA.pl.pod index 83e4c0af81..9d287f0c4d 100644 --- a/doc/apps/CA.pl.pod +++ b/doc/apps/CA.pl.pod @@ -102,6 +102,35 @@ the request and finally create a PKCS#12 file containing it. CA.pl -signreq CA.pl -pkcs12 "My Test Certificate" +=head1 DSA CERTIFICATES + +Although the B<CA.pl> creates RSA CAs and requests it is still possible to +use it with DSA certificates and requests using the L<req(1)|req(1)> command +directly. The following example shows the steps that would typically be taken. + +Create some DSA parameters: + + openssl dsaparam -out dsap.pem 1024 + +Create a DSA CA certificate and private key: + + openssl req -x509 -newkey dsa:dsap.pem -keyout cacert.pem -out cacert.pem + +Create the CA directories and files: + + CA.pl -newca + +enter cacert.pem when prompted for the CA file name. + +Create a DSA certificate request and privat key (a different set of parameters +can optionally be created first): + + openssl req -out newreq.pem -newkey dsa:dsap.pem + +Sign the request: + + CA.pl -signreq + =head1 NOTES Most of the filenames mentioned can be modified by editing the B<CA.pl> script. |