In the previous task, we use the certificates in the /etc/ssl/certs folder to verify server's certificates....
Fantastic news! We've Found the answer you've been seeking!
Question:
Transcribed Image Text:
In the previous task, we use the certificates in the /etc/ssl/certs folder to verify server's certificates. In this task, we will create our own certificate folder, and place the corresponding certificates in the folder to do the verification. Please create a folder called certs, and change the cadir line in the client program to the following. Run the client program and report your observation. cadir './certs' To solve this problem, you need to place the corresponding CA's certificate into your certs folder. Please use your client program to find out what CA certificate is needed to verify the www.example.com server's certificate, and then copy the certificate from the /etc/ssl/certs to your own folder. Run your client program again. If you have done everything correctly, your client program should be able to talk to the server. It should be noted that copying CA's certificate to the "./cert" folder is not enough. When TLS tries to verify a server certificate, it will generate a hash value from the issuer's identify information, use this hash value as part of the file name, and then use this name to find the issuer's certificate in the "./cert" folder. Therefore, we need to rename each CA's certificate using the hash value generated from its subject field, or we can make a symbolic link out of the hash value. In the following command, we use opensslto generate a hash value, which is then used to create a symbolic link. $ openssl x509 -in someCA.crt -noout -subject_hash 4a6481c9 $ ln -s some CA.crt 4a6481c9.0 $ ls -1 total 4 lrwxrwxrwx 1 -rw-r--r-- 1 ... ... 4a6481c9.0 -> some CA.crt someCA.crt In the previous task, we use the certificates in the /etc/ssl/certs folder to verify server's certificates. In this task, we will create our own certificate folder, and place the corresponding certificates in the folder to do the verification. Please create a folder called certs, and change the cadir line in the client program to the following. Run the client program and report your observation. cadir './certs' To solve this problem, you need to place the corresponding CA's certificate into your certs folder. Please use your client program to find out what CA certificate is needed to verify the www.example.com server's certificate, and then copy the certificate from the /etc/ssl/certs to your own folder. Run your client program again. If you have done everything correctly, your client program should be able to talk to the server. It should be noted that copying CA's certificate to the "./cert" folder is not enough. When TLS tries to verify a server certificate, it will generate a hash value from the issuer's identify information, use this hash value as part of the file name, and then use this name to find the issuer's certificate in the "./cert" folder. Therefore, we need to rename each CA's certificate using the hash value generated from its subject field, or we can make a symbolic link out of the hash value. In the following command, we use opensslto generate a hash value, which is then used to create a symbolic link. $ openssl x509 -in someCA.crt -noout -subject_hash 4a6481c9 $ ln -s some CA.crt 4a6481c9.0 $ ls -1 total 4 lrwxrwxrwx 1 -rw-r--r-- 1 ... ... 4a6481c9.0 -> some CA.crt someCA.crt
Expert Answer:
Related Book For
Posted Date:
Students also viewed these computer network questions
-
Planning is one of the most important management functions in any business. A front office managers first step in planning should involve determine the departments goals. Planning also includes...
-
Based on the scenario I need to finish four tasks: -Add a moving bullet actor -Shoot a bullet when the player presses the spacebar key -Destroy a rock when the bullet hits the rock -Increase the...
-
Both high-income and low-income employees are covered by cafeteria plans. Under such plans, all employees may select from a list of non-taxable fringe benefits or they may elect to receive cash in...
-
Products of combustion enter a gas turbine with a stagnation pressure of 0.75 MPa and a stagnation temperature of 6908C, and they expand to a stagnation pressure of 100 kPa. Taking k = 1.33 and R =...
-
Suppose that you inherit $10,000. The will states how you must invest the money. Some (or all) of the money must be invested in stocks and bonds. The requirements are that at least $3000 be invested...
-
What factors have led to increased organizational interest in HR metrics and workforce analytics?
-
John R. lane (SSN 111-44-6666) lives at 1010 Ispen street, Yorba Linda, California 90102. John, a single taxpayer, age 66 provided 100% of his cousin's support. the cousin lives in Arizona. he wants...
-
Suppose the exchange rate between U.S. dollars and Swiss francs is CHF 0.92 = $1.00, and the exchange rate between the U.S. dollar and the euro is $1.00 = 0.84 euro. What is the cross rate of Swiss...
-
if the current change as a function of time in the equation f ( t ) = 4 t - 3 , find the total charge in the period time from t = 1 s to 6 s
-
b) The first analyte had a retention time of 7.0 min and a width at the base of 0.30 ml. Further experiments revealed that a non-retained compound had a retention time of 1.9 min. The volumetric flow...
-
Calculate percentage by mass of hex on gono in a mixture containing 6 . 2 2 g of this compound and 1 8 4 6 0 octane. 2 - Calculate the molarity of NaCi ( mm 5 8 5 g / mol in a solution solution...
-
Hydrochloric acid, HCI, reacts with water to form Cl and H3O+. Which of the following is TRUE when the acid is first added to water at T=298 K?
-
Calculate the limiting current that would be expected from the reduction of 2 x 1 0 - 4 M Pb + , using the DME characteristics, m = 2 . 0 mg / s and t = 4 s . The diffusion coefficient of Pb 2 + is...
-
II. Standardization with KHP. Show the calculation for determining the approximate amount of KHP to be weighed out to react with about 25 mL of your M NaOH solution. The reaction stoichiometry is 1:1.
-
As of June 30, 2016 the bank statement showed an ending balance of $19,500. The unadjusted cash account balance was $15,200. The following information is available 1. Deposit in transit, $2,400 2....
-
What are multinational corporations (MNCs) and what economic roles do they play?
-
The \(x\) component of the velocity of a car changes from \(-10 \mathrm{~m} / \mathrm{s}\) to \(-2.0 \mathrm{~m} / \mathrm{s}\) in \(10 \mathrm{~s}\). (a) Is the car traveling in the positive or...
-
The day after the incident described in Problem 44, the instructor finds herself in the same situation. This time, she tries a harder physics exercise. She keeps running at a constant \(6.0...
-
(a) A car is speeding up in the negative \(x\) direction. In what direction do \(\vec{a}\) and \(\vec{v}\) point? (b) To which of the four graphs in Figures 3 . 2 and 3 . 3 does the situation...
Study smarter with the SolutionInn App