Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
after i have created a digital certificate (.p12 format) using OpenSSL and import the cert into MS outlook express,
when i clicked the signed/encrypt button and sent the mail,
it was not prompt to ask me to type the password(private key),
the purpose and the function of using signed mail is vanished...
i have made a search from Microsoft web site about how to make it prompt for the password before sending the signed/encrypted mail, i found the following messages:
"When you obtain a certificate (or digital ID) from a public certification authority (CA) such as VeriSign, you can request additional security to protect your private key (or digital ID). If you request additional security to protect your private key, you are prompted for a password when you send a digitally signed message. If you do not type your private key password but instead click Cancel, your private key is not used to digitally sign the message when it is sent, and the message is sent unsigned. "
anybody know how to generate the cert using OpenSSL so that it will prompt me to type the password?
or, how to set it in Outlook express or Netscape/mozilla??
You mean given the password while creating the .p12 cert with
the "-password pass:MyUserPass" parameter??
yes, i haven't, can password be type in interactive mode instead of typing it inline?
Distribution: Red Hat 8.0, Slackware 8.1, Knoppix 3.7, Lunar 1.3, Sorcerer
Posts: 771
Rep:
And you can't let them create their own certs with their own passphrases because you dont want them to have access to your priv pem file? How many colleagues are we talking about?
Around 50+ peoples..
they don't know the password of the CA,
I will let them key in there private key while generating the cert request, and while generating the .p12 file,
i will ask them to type their key again, at the same time,
i hope them to key in the password for the certificate,
but no one should see the plain text of what they are typing, including me.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.