Generate an x.509 to be signed

I have done quite a bit of searching and I can't seem to find an answer as to how to create an x.509 certificate that I could then have signed by a 3rd party like say Verisign. I am trying to do this in Windows.

I know for SSL this is a CSR but what do I do to get an x.509 for 开发者_运维技巧use in encrypting SSO messages with our clients?

Thanks.

My recommended way would be to use Cygwin + OpenSSL: http://robotification.com/2007/08/31/installing-openssl-on-windows/

Another way could be to use windows binaries for OpenSSL.

WARNING: I have not tried any of these windows binaries. Use them at your own risk. I am not affiliated with any of these.

You can use windows implementation of OpenSSL. I found a few windows binaries: http://www.openssl.org/related/binaries.html http://gnuwin32.sourceforge.net/packages/openssl.htm

And these setup instructions: http://forums.tutorialized.com/windows-122/openssl-installation-on-windows-tutorial-by-herong-5467.html

Regardless of the approach you would need to run the following Openssl command.

openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out server.csr This will generate two files: a CSR called 'server.csr' and a 2048-bit private key called 'myserver.key'.

You will be prompted to enter some information for your CSR. Enter those as per your information and you are done.

Hope this helps.