[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SSH X.509 certificate enrollment page announcement



The SSH X.509 certificate enrollment test page is now available for
testing. See:

<URL:http://isakmp-test.ssh.fi/>.

The SSH ISAKMP/Oakley test site now allows PKCS #10 certificate
enrollment testing. This test page allows processing of PKCS #10
requests and it returns X.509 certificates signed by our Web test CA
keys. It offers selection of either DSA or RSA root. You can also sign
keys with the sub CA 7 that allows you to do chain testing with
ISAKMP/Oakley test page (the sub CA 7 (either RSA or DSA) is signed by
the master root CA (either DSA or RSA) using chain of 6 certificates
between them).

The PKCS #10 certificate enrollment page supports both PKCS #10
Extension Requests having ASN1 sequence inside or the T61 strings.
Also if you cannot generate PKCS #10 request with extensions, you can
just fill in the information to web page (or if want to change some
data in the request).

The verify PKCS #10 data page allows you also to create your own sub
CA certificates, and it allows you to modify the key usage bits of the
final certificate.

Because this is just a quick test program it DOES not keep track of
the serial numbers and validity periods, but just asks you yo fill in
the values. You can also select the signature format
(sha1WithRSAEncryption (RSA Root key), md5WithRSAEncryption (RSA Root
key), or dsaWithSHA-1 (DSA Root key)). 

For more information about SSH X.509 Certificate Tools see
http://www.ssh.fi/certs/
-- 
Start fixing W2k problem,                    install a free unix now.
kivinen@iki.fi                               Work : +358-9-4354 3218
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/