Re: opensource CA server



Arne Vajhøj wrote:

Nigel Wade wrote:
vaneric wrote:
i want to learn the working of a cert authority server.can someone
suggest a good opensource CA server?

OpenSSL may be as good a place as any to start. You will certainly get to see
the inner workings of a CA laid bare. Look at http://www.openssl.org. It has
no
relation to Java, however.

OpenSSL has all the necessary tools for creation of your own CA, for
generating
cert. requests and signing those requests.

Does OpenSSL work as a CA server ?


It can certainly be a CA.

What is the distinction is between a CA and a CA server?

--
Nigel Wade
.



Relevant Pages

  • Re: [fw-wiz] Web server security?
    ... > interface for pluggable security modules. ... I'm unlikely to do a major kernel version upgrade on my only personal Web ... server until I'm comfortable with 2.6. ... Apache and OpenSSL. ...
    (Firewall-Wizards)
  • [EXPL] Openssl-Too-Open: Apache / OpenSSL Remote Exploit
    ... openssl-too-open is a remote exploit for the KEY_ARG overflow in OpenSSL ... The CLIENT_HELLO message contains a list of the ciphers the client ... The server replies with a SERVER_HELLO message, ... The client sends a CLIENT_FINISHED message with a copy of the connection ...
    (Securiteam)
  • [NEWS] Multiple OpenSSL TLS Vulnerabilities
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... OpenSSL has two TLS related programming errors which cause it to crash. ... The first error causes OpenSSL to crash to segmentation fault when it ... 'Server Key exchange message' is omitted from the TLS handshake. ...
    (Securiteam)
  • Re: STARTTLS=client errors in log
    ... See the source code of your OpenSSL version. ... It could be a problem with the server certificate, ... Hm, you ask a question, get a response from the ultimate expert, ... but once I got the unknown cipher too. ...
    (comp.mail.sendmail)
  • [Full-disclosure] MDKSA-2005:179 - Updated openssl packages fix vulnerabilities
    ... that use the SSL/TLS server implementation provided by OpenSSL. ... practical attacks have been demonstrated which could allow an attacker ... GPG public key of the Mandriva Security Team by executing: ...
    (Full-Disclosure)