Clarify that you're supposed to send the certificate request to the CA,
rather than your private key. Suggested by: Brett Schroeder <brett at brettschroeder dot name>
This commit is contained in:
Ceri Davies
parent
6f5b5fac0e
commit
5c7a8052ed
Notes:
svn2git
2020-12-08 03:00:23 +00:00
svn path=/head/; revision=24580
1 changed files with 9 additions and 4 deletions
|
|
@ -3072,10 +3072,15 @@ An optional company name []:<userinput><replaceable>Another Name</replaceable></
|
||||||
are available. A complete list may be obtained by viewing
|
are available. A complete list may be obtained by viewing
|
||||||
the &man.openssl.1; manual page.</para>
|
the &man.openssl.1; manual page.</para>
|
||||||
|
|
||||||
<para>A <filename>cert.pem</filename> file should now exist in
|
<para>Two files should now exist in
|
||||||
the directory which the aforementioned command was issued. This
|
the directory in which the aforementioned command was issued.
|
||||||
is the certificate which may be sent to any
|
The certificate request, <filename>req.pem</filename>, may be
|
||||||
<acronym>CA</acronym> for signing.</para>
|
sent to a certificate authority who will validate the credentials
|
||||||
|
that you entered, sign the request and return the certificate to
|
||||||
|
you. The second file created will be named <filename>cert.pem</filename>
|
||||||
|
and is the private key for the certificate and should be
|
||||||
|
protected at all costs; if this falls in the hands of others it
|
||||||
|
can be used to impersonate you (or your server).</para>
|
||||||
|
|
||||||
<para>In cases where a signature from a <acronym>CA</acronym> is
|
<para>In cases where a signature from a <acronym>CA</acronym> is
|
||||||
not required, a self signed certificate can be created. First,
|
not required, a self signed certificate can be created. First,
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue