[Box Backup] Certificate for Windows
ken
boxbackup@fluffy.co.uk
Fri, 5 Nov 2004 06:27:40 -0500 (EST)
Hi Ben,
I put BACKUP-1234 as commonName and it worked.
Thanks!
Ken
>
> On 4 Nov 2004, at 23:06, ken wrote:
>
>> I am trying to create certificates for Windows clients and sign them
>> with
>> boxbackups CA.
>>
>> Here is what I do:
>>
>> Create an account:
>> /usr/bin/bbstoreaccounts create 1234 0 4096M 4505M
>>
>> Generating private key:
>> openssl genrsa -out /etc/box/bbackupd/1234-key.pem 2048
>>
>> Generate certificate request (is there a boxbackup config file I should
>> use?):
>
> No, you should use the defaults.
>
>> openssl req -new -key /etc/box/bbackupd/1234-key.pem -sha1 -out
>> /etc/box/bbackupd/1234-csr.pem
>
> What did you enter for all the data it requested?
>
>>
>> Generate keys for file backup:
>> openssl rand -out /etc/box/bbackupd/1234-FileEncKeys.raw 1024
>>
>> Sign certs:
>> cd /etc/box
>> /usr/bin/bbstored-certs ca sign bbackupd/1234-csr.pem
>>
>> And get this error:
>> No subject found in CSR bbackupd/1234-csr.pem at
>> /usr/bin/bbstored-certs
>> line 336.
>
> I suspect that you didn't put the correct stuff into the CSR. The
> common name needs to be BACKUP-1234 in this example -- remember that
> this certificate authenticates the client to the server, so it has to
> include the account number somewhere!
>
> Ben
>
>
>
> _______________________________________________
> boxbackup mailing list
> boxbackup@fluffy.co.uk
> http://lists.warhead.org.uk/mailman/listinfo/boxbackup
>