Some instructions on the small CA system and DLL source code

Often some enthusiastic netizens ask me about the use of the small CA system, here is a brief explanation:

1, the label with USB is the Usbkey key itself to operate, and the small CA does not have any relationship, but originally this program is used to operate usbkey, so retain these functions, usbkey use is the flying integrity epas100.

2, CA extension operation can extract the public private key in the P12 package, modify the P12 package password, and the conversion function of the certificate encoding.

3, CA Center operation can make root certificate, certificate, P10 request, blacklist, etc., note that the small CA adopted a fixed root certificate, so the first to install the root certificate, issued by the subkey is trusted, the root certificate file ROOTCERT.PEM.

4, SSL clients can use SSL protocol to connect some of the Web site to provide SSL services, the program lists some.

5, SSL server can be a stand-alone server to provide SSL services, note that you can not use SSL client in the same program to connect SSL server, with SSL client Connection server appears half of Chinese characters (garbled) is because there is no processing half Chinese characters problem, you can use IE to connect SSL server, The procedure is: Select a specific port, the default is 443, choose whether to require a client certificate, and then start service, open IE, url bar input: https://localhost: Port, if successful, you can display Web pages, using the default port 443 on some operating systems may conflict with IIS, You can pause the IIS service.

6, the EVP algorithm can use some symmetric, asymmetric algorithm to add and decrypt the file operation.

7, the RA server provides a C/s framework of the server, and Raclient program interconnection, the specific approach is: Select the port, start the service, and then open the Raclient.exe program, address selection localhost, port Select Server port, and then connect, after entering, Can carry out certificate application, audit, production, set aside, make blacklist operation.

8, when the operation, the root certificate public key file Rootcert.pem, the database file Ra.mdb must be placed under the same directory as MiniCA.exe.

9, this program contains a small part of the function of OpenSSL, please refer to the OpenSSL official website.

10, attached CA.DLL, EVP. DLL source code, which is flawed, please correct. Please do not use for commercial purposes.

This article supporting source code