Creating Certification Authority Files

Learn the steps to create the certification authority (CA) files.

  1. Set up the Sybase environment variables:
    Source /<install_dir>/DC-15_0/DC_SYBASE.csh (or .sh)
    Note: If you have already created or obtained a certificate, skip steps 2 through 5.
  2. Change to the Sybase Open Client/Server™ bin directory:
    cd /<install_dir>/DC-15_0/bin
  3. Create the CA.in file. Enter the parameters for the CA certificate that you are going to use with the certreq utility, as shown:
    vi CA.in
req_certtype=Server
req_keytype=RSA
req_keylength=512
req_country=US
req_state=CO
req_locality=Boulder
req_organization=Sybase
req_orgunit=Security
req_commonname=CA
    Note: For more information about certreq parameters, see the Adaptive Server Utilities Guide.
  4. Create a private key file and a certificate request file for the CA certificate:
    prompt% certreq -F CA.in -R CA_req.txt 
-K CA_pkey.txt -P yourcapassword

    You see:

    Generating key pair (please wait)...
  5. Create a public key file named trusted.txt by using the CA_req.txt file with the private key file to sign the public key file:
    prompt% certauth -r -C CA_req.txt -Q CA_req.txt 
-K CA_pkey.txt -P yourcapassword -T 365 -O trusted.txt
    -- Sybase Test Certificate Authority Utility -- -- Certificate Validity:
      startDate = Thu Mar 02 09:56:43 2008
      endDate = Fri Mar 20 09:58:10 2009
Setting serial number Ox1w7d236819a91a32
Could not sign certificate using signature type 20, error ‘No error string returned.’ (3000).
Could not sign certificate using signature type 22, error ‘No error string returned.’ (3000) 
CA sign certificate SUCCEED using signature type 2, return ‘SSLNoErr’ (0).
Parent topic: Set Up SSL on UNIX Server