[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] IKE and free CA
I've been doing a little bit of work on getting openssl (http://www.openssl.org) to work with a free CA. I have used the "fw internalca" command and I had created the internal CA object and certified the firewall object. I can even export the CA object's self-signed certificate in the Manage->Servers... section. However, I need to get at the key in order to do any other certs with this CA. For example, if one can extract the key, one would be able to sign user certificates. The magical Key appears to be stored in the $FWDIR/database/InternalCA.DB file. It looks like: :cakey ( :value (hexhexhex....) :pkcs8 (hexhexhex....) Can anyone verify this? What format are the data? I tried doing some things (convert to base64, convert to binary then base64, etc) but none work with openssl. No doubt it is encrypted. I figure it's in there somewhere. Let me know what you think, if you have any ideas, etc. --Regis ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|