[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] HKPS certificate
|
From: |
Kristian Fiskerstrand |
|
Subject: |
Re: [Sks-devel] HKPS certificate |
|
Date: |
Tue, 19 May 2015 09:25:46 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 05/19/2015 07:49 AM, Gabor Kiss wrote:
>> I am wondering if I can still get a certificate for
>> keys.techwolf12.nl, my server has been stable for over 3 months
>> now and I would like to add an extra layer of security.
>
>> Does anyone know how to get an certificate?
>
> I tell you how did I some two weaks ago.
>
> I tailored a tipical openssl.cnf file. I added this section:
>
> [alt_names] DNS.1 = hkps.pool.sks-keyservers.net DNS.2 =
> *.pool.sks-keyservers.net DNS.3 = pool.sks-keyservers.net DNS.4 =
> keys.niif.hu
This part is unnecessary, the SANs are added by me the input is
discarded when generating the certificate. So you can simplify this to
simply a CN=keys.niif.hu
> Subject: C=HU, O=NIIF Institute, CN=keys.niif.hu
as here..
- --
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
Cogito ergo sum
I think, therefore I am
-----BEGIN PGP SIGNATURE-----
iQEcBAEBCgAGBQJVWuV1AAoJEP7VAChXwav62qEIAKdFsJmaRBF4KzV67V/VHB2I
8fqRuQJ/rsvj/U0ypt9B6gn2FGh6CkJ01G8KYNJGsBTa2PGXIBagozxeVP8cSYKO
j/ZybLqW5sOOlJ+za44Vg+WViJyOLV1qE4/RySTnK6lrSkNe0dZZgIstOXKP6Nb8
UB7rutlvwygooAGHYrppVn+DsWYz/DSmCeMrsmDeYpext6YkckjZczLzwRI0LZMT
z6BNdh2CdHax0RqDxqgGgDV/vsPd2SQ3IVcUchFg3TO0JIS33+PpQsVDE6F06UnG
wDp6ZsO7bmFxWthGxGHfZwO1FHhJO2iy1PR6/Amw0Im30Qly4KGYIq8VuUxfsHQ=
=XKKe
-----END PGP SIGNATURE-----