TLS server key and certificate generation

jawad.ssuet jawad.ssuet at
Thu Sep 24 17:27:36 CEST 2009


Actually for OpenXCAP to work I have to generate one server.crt and
server.key by using gnutls (as this is only one post on OpenXCAP forum) and
put them under my openxcap/tls folder, so that would my server certification
and key. By the time I emailed I was unable to find method to do this by
gnutls so did this by openssl but I struggled to load the cert/key with

On OpenXCAP website this is the only information about certificates.

"" When using TLS you must generate an X.509 certificate and a key. Consult
Internet resources for how to do this. The procedure is the same as for any
other TLS server like Apache web server.  ""

I generate a certificate and private key for OpenXCAP server by using
openssl as follows.

- openssl genrsa -des3 out server.key 1024
- openssl req -new -key server.key -out server.csr
- openssl x509 -req -days 365 -in server.csr -signkey server.key -out

So in short I have to generate one server certificate and private key using
gnutls and I will follow procedures on the provided links by you and will
report if that work. I have installed gnutls but havent seen certtool
command ?.

Jawad Hussain

On Wed, Sep 23, 2009 at 10:43 PM, Simon Josefsson <simon at>wrote:

> Jawad hussain <jawad.ssuet at> writes:
> > Hi,
> >
> > I am trying to setting up a OpenXcap server and doing so I encounter
> > following error. So can someone suggest how to generate TLS server
> > certificate and key for OpenXcap server.
> >
> > Sep 23 16:13:55 jawad-desktop openxcap[2710]: fatal error: the TLS
> > certificates or the private key could not be loaded
> There is not much information to go on here, can you provide more
> information on what commands you invoke and the files you use as input?
> I'm not familiar with OpenXcap though, so you may find better answers on
> a OpenXcap forum.
> Generating keys and certificates is covered in the GnuTLS manual:
> I blogged about how to create CACert keys/certs some time ago:
> /Simon

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20090924/1a92937d/attachment.htm>

More information about the Gnutls-help mailing list