[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Handle-info] generating private/public keys and client certificate for the handle API via openssl

To: Robert R Tupelo-Schneck <schneck@cnri.reston.va.us>
Subject: Re: [Handle-info] generating private/public keys and client certificate for the handle API via openssl
From: Robert Verkerk <robert.verkerk@surfsara.nl>
Date: Tue, 5 Apr 2016 16:24:37 +0200
Cc: handle-info@cnri.reston.va.us, "Weigel, Tobias" <weigel@dkrz.de>, Merret Buurman <buurman@dkrz.de>
Delivered-to: handle-info-archive@cnriweb-cogent.cnri.reston.va.us
Delivered-to: handle-info@cnriweb.cnri.reston.va.us
In-reply-to: <3B64D04F-4040-4880-BEF0-7CDB19DB1DBF@cnri.reston.va.us>
List-archive: <http://www.handle.net/mailman/private/handle-info/>
List-help: <mailto:handle-info-request@cnri.reston.va.us?subject=help>
List-id: "Handle.Net Mailing List" <handle-info.cnri.reston.va.us>
List-post: <mailto:handle-info@cnri.reston.va.us>
List-subscribe: <http://www.handle.net/mailman/listinfo/handle-info>, <mailto:handle-info-request@cnri.reston.va.us?subject=subscribe>
List-unsubscribe: <http://www.handle.net/mailman/options/handle-info>, <mailto:handle-info-request@cnri.reston.va.us?subject=unsubscribe>
References: <B63CBC57-B341-4B2E-9A89-AC9B4CE0E2C4@surfsara.nl> <3B64D04F-4040-4880-BEF0-7CDB19DB1DBF@cnri.reston.va.us>
Sender: handle-info-bounces@cnri.reston.va.us

Hi Robert,

Thanks for the reply.

I was busy with DSA keys and trying to get them from a public key to a pkcs8 format to binary using hdl-convert-key. But I was stuck at the pkcs8 format.

So we “just” need to generate a RSA private/public key and go from there? Any special considerations for the RSA key?

Greetings,

Robert verkerk


> On 05 Apr 2016, at 15:50, Robert R Tupelo-Schneck <schneck@cnri.reston.va.us> wrote:
> 
> They can send you an RSA public key in PEM format, which OpenSSL can do.  Then you can use hdl-convert-key from the Handle.Net distribution to convert the PEM-formatted key into Handle format.  You can either use "hdl-convert-key input.pem -o output.bin" or "hdl-convert-key < input.pem > output.bin".
> 
> Robert
> 
>> On Apr 5, 2016, at 4:23 AM, Robert Verkerk <robert.verkerk@surfsara.nl> wrote:
>> 
>> Hi,
>> 
>> We provide/host prefixes and handles for several customers. We have implemented handle version 8.1.0. This enables the handle API with client certificates.
>> We know how to generate a private/public key-pair and the client certificate for the handle API via the handle tools and a very small bit using openSSL.
>> 
>> If we are to allow customers to generate it they will need to download the handle tools. Or we need to do it for them. This is not something they want.
>> 
>> Is there a way to use only openSSL at the customer site to generate all necessary bits for the private/public key-pair and the client certificate?
>> This so they only have to provide us with the public key that we upload in the proper admin handle with the proper index. The rest stays private at the customer site.
>> 
>> 
>> -- 
>> Greetings,
>> 
>> Robert Verkerk
>> systeem programmeur
>> Data Services
>> 
>> Robert Verkerk
>> | Dataservices | SURFsara
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> _______________________________________________
>> Handle-Info mailing list
>> Handle-Info@cnri.reston.va.us
>> http://www.handle.net/mailman/listinfo/handle-info
> 






_______________________________________________
Handle-Info mailing list
Handle-Info@cnri.reston.va.us
http://www.handle.net/mailman/listinfo/handle-info

Follow-Ups:
- Re: [Handle-info] generating private/public keys and client certificate for the handle API via openssl
  - From: Robert Tupelo-Schneck <schneck@cnri.reston.va.us>

References:
- [Handle-info] generating private/public keys and client certificate for the handle API via openssl
  - From: Robert Verkerk <robert.verkerk@surfsara.nl>
- Re: [Handle-info] generating private/public keys and client certificate for the handle API via openssl
  - From: Robert R Tupelo-Schneck <schneck@cnri.reston.va.us>

Prev by Date: Re: [Handle-info] generating private/public keys and client certificate for the handle API via openssl
Next by Date: Re: [Handle-info] generating private/public keys and client certificate for the handle API via openssl
Previous by thread: Re: [Handle-info] generating private/public keys and client certificate for the handle API via openssl
Next by thread: Re: [Handle-info] generating private/public keys and client certificate for the handle API via openssl
Index(es):
- Date
- Thread