Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
en:services:it_security:pki:start [2024/03/15 11:35] – [Detailed description of the possible uses of X.509 certificates] thinderen:services:it_security:pki:start [2024/03/15 13:22] (current) – [... from the GÉANT TCS PKI] thinder
Line 41: Line 41:
  
 </WRAP> </WRAP>
-===== Apply for server certificate =====+===== Apply for server certificates... =====
  
-Call OpenSSL with the following Parameters+==== ... from the GÉANT TCS PKI ==== 
 +To request ACME External Account Binding Information for server certificates from the GÉANT TCS PKI, which is anchored in the client of the DFN of the GÉANT TCS PKI, send an e-mail to [[support@gwdg.de?subject=Request for ACME External Account Binding Information for the following server(s):&body=Dear Sir or Madam,%0A%0AI would like to request ACME External Account Binding information for the following server(s):%0A%0A|support@gwdg.de]] or use the [[https://www.gwdg.de/support|Support form]] of the GWDG. 
 + 
 +<WRAP center round download 80%> 
 +Once you have received the ACME External Account Binding information, you can automatically create the certificates for your servers. Instructions on how to do this can be found in the following GWDG News article: 
 +  - [[https://www.gwdg.de/documents/20182/27257/GN_3-2022_www.pdf#page=10|GWDG News 03|22]] - Part 4: Automated Creation of Server Certificates with Bot Software 
 +</WRAP> 
 +<WRAP center round important 60%> 
 +(currently only in German) 
 +</WRAP>
  
 ==== Unix/OS X ==== ==== Unix/OS X ====
 +<WRAP center round info 80%>
 +Call OpenSSL with the following Parameters
 +
 +</WRAP>
 +
 Simple Bash script... Simple Bash script...
 <code bash createcsr.sh>openssl req -newkey rsa:4096 -sha256 -keyout priv-key.pem -out certreq.pem</code> <code bash createcsr.sh>openssl req -newkey rsa:4096 -sha256 -keyout priv-key.pem -out certreq.pem</code>