MQSeries.net :: View topic

jeevan · Posted: Fri Aug 29, 2008 6:50 pm Post subject:

I just downloaded the opensll binary and installed it.

Binary: Win32 OpenSSL v0.9.8 ( 6 mb)

I followed the follwoing instructions;
===========
Ingredients
Windows 2000 running Internet Information Services (IIS)
The OpenSSL tools for Windows from Shining Light Productions. This is a Windows port of the popular OpenSSL toolkit.
Walkthrough
Install and configure the OpenSSL toolkit
Get OpenSSL from the address above, and run the installer, accepting the defaults. These instructions assume OpenSSL is installed in C:\OpenSSL.
Add C:\OpenSSL\bin to your system path (Control Panel, System, Advanced, Environment Variables, System Variables) - this isn't strictly necessary but it makes things a lot easier.
Create a working directory - here, we'll use c:\ssl as our working folder.
Download this copy of openssl.conf to your working folder. (Note: I have no idea what most of the options in this file mean. I just hacked it around until it worked...)
Set up the directory structure and files required by OpenSSL:
C:\ssl>md keys

C:\ssl>md requests

C:\ssl>md certs

Create the file database.txt - an empty (zero-byte) text file. This can be done using the 'touch' command if you have it (it's a Unix tool not available on Windows by default, but you might have one lying around), or by creating an empty file manually:
c:\ssl>copy con database.txt
^Z

C:\ssl>

MS-DOS veterans will recognise this particular invocation. We're copying from CON (the console) to a file called database.txt, and that's a Control-Z end-of-file character on the first line. This should produce a zero-byte file called c:\ssl\database.txt
Create the serial number file serial.txt. This is a plain ASCII file containing the string "01" on the first line, followed by a newline. Again, we can use a little bit of ancient DOS magic:
C:\ssl>copy con serial.txt
01
^Z

C:\ssl>

to achieve the desired effect. (That's keystrokes zero, one, return, control-Z, return)
Set up a Certificate Authority (CA)
First, we create a 1024-bit private key to use when creating our CA.:
C:\ssl>openssl genrsa -des3 -out keys/ca.key 1024
Loading 'screen' into random state - done
warning, not much extra random data, consider using the -rand option
Generating RSA private key, 1024 bit long modulus
...........++++++
..................++++++
e is 65537 (0x10001)
Enter PEM pass phrase: - choose a memorable pass phrase to use for this key
Verifying password - Enter PEM pass phrase: - type your pass phrase again for verification

The pass phrase will be requested whenever you use this certificate for anything, so make sure you remember it. This will create a file called c:\ssl\keys\ca.key, containing our certificate authority private key.
Next, we create a master certificate based on this key, to use when signing other certificates

===========
My problem is when i try to run the openssl whatever command, i get a response saying " the system can not execute the specified program."

I am running from the same dir and the openssl.exe is there.

Do any one of you have run openssl? What do I need to do to get it working?
Any configuration?