From: Miguel de Icaza Date: Tue, 30 Nov 2004 00:45:56 +0000 (-0000) Subject: Use Sebastiens example from his blog X-Git-Url: http://wien.tomnetworks.com/gitweb/?a=commitdiff_plain;h=23bb27a23f41925ec4fa4db1b62d5e1da5019cf5;p=mono.git Use Sebastiens example from his blog svn path=/trunk/mono/; revision=36796 --- diff --git a/man/makecert.1 b/man/makecert.1 index 3a1b1053036..c856285b539 100755 --- a/man/makecert.1 +++ b/man/makecert.1 @@ -112,6 +112,40 @@ Help (display this help message) .TP .I "-!" Extended help (for advanced options) +.SH EXAMPLES +.PP +To create Building a SSL test (i.e. non trusted) certificate is easy +once your know your host's name. Mono ships with a utility, makecert, +for doing so. The following command will create a test certificate for +an SSL server: +.nf + $ hostname + pollux + + $ makecert -r -eku 1.3.6.1.5.5.7.3.1 -n "CN=pollux" -sv pollux.pvk pollux.cer + Success +.fi +.PP +In particular in the above example, the parameters used to build this +test certificate were: +.TP +.I "-r" +Create a self-signed certificate (we don't need/want to build a +hierarchy here). +.TP +.I "-eku 1.3.6.1.5.5.7.3.1" +Optional (as sadly most client don't require it). This indicates that +your certificate is intended for server-side authentication. +.TP +.I "-n \"CN=pollux\"" +Common Name (CN) = Host name. This is verified the SSL client and must +match the connected host (or else you'll get a warning or error or +*gasp* nothing). +.TP +.I "-sv private.key" +The private key file. The key (1024 bits RSA key pair) will be +automatically generated if the specified file isn't present. +pollux.cer. The created SSL certificate for your host. .SH KNOWN RESTRICTIONS Compared to the Windows version some options aren't supported (-$, -d, -l, -nscp, -is, -sc, -ss). Also PVK files with passwords aren't supported.