Test Certificates?
Ryan McBride
mcbride at COUNTERSIEGE.COM
Wed Dec 20 22:40:02 EST 2000
On Wed, Dec 20, 2000 at 01:52:55PM -0600, James Russell wrote:
> Some cohorts and myself have just purchased copies of Safenet's SoftPk VPN
> Windows2000 client for securing our connections to one another. It was so
> amazingly easy to get everything up and running using fixed keys that I'm
> now considering trying to use certificates because I know they're more
> secure.
They're not necessarily more secure than using fixed keys - they're
one way to handle the problem of key management, but the're definately
not a panacea.
> I know I should probably leave well enough alone, but does anyone know of a
> Certificate Authority where I can just get testing or temporary certificates
> to see if I can get them working? The Certificate Manager on the client
> looks easy enough, so I'd like to give it a shot.
I've had good experiences using OpenSSL (on OpenBSD) to generate x509
certificates for use with the SafeNet client. If you have access to a
Unix system that you can install OpenSSL on, you can generate all the
certificates you like.
-Ryan
--
Ryan McBride - mcbride at countersiege.com
Systems Security Consultant
Countersiege Systems Corporation - http://www.countersiege.com
VPN is sponsored by SecurityFocus.COM
More information about the VPN
mailing list