[openssl-users] DH-RSA and DH-DSS certificate creation
jayadev.kumar at gmail.com
Wed Nov 4 16:08:51 UTC 2015
Thanks Matt !
On Tue, Nov 3, 2015 at 4:29 PM, Matt Caswell <matt at openssl.org> wrote:
> On 03/11/15 23:33, Jayadev Kumar wrote:
> > Hi,
> > Can i create DH-RSA and DH-DSS certificate using openssl ?
> > If yes, Which openssl version has the support for it ?
> > Can i use DH-RSA and DH-DSS certificate with 'openssl s_server'
> > application ?
> Yes from version 1.0.2.
> You cannot create "self-signed" DH certificates because DH is not a
> signing algorithm. Therefore you *must* get a certificate from some kind
> of CA. Dependant on what you want to use it for the easiest way is to
> create your own CA (using an RSA key if you want DH-RSA, or a DSS key if
> you want DH-DSS).
> Once you have set up a CA you can create the DH certificate as described
> in this answer on stackexchange:
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users