Chapter 2 Generating Certificates

Generating Certificates with OpenSSL

The CR usually contains the following:

An RSA key-pair

Subject name (possibly in DN format)

Desired lifetime of the certificate

Name or identification of the issuing (signing) CA

Certificate extensions

PEAP and EAP-TLS require server certificates to include an extendedKeyUsage extension of TLS Server Authentication and client certificates to include an extendedKeyUsage extension of TLS Client Authentication. The method used to specify extensions and their values depends on the tool. The extendedKeyUsage extension contains one or more Object Identifier (OID) values which are specified as strings of dot-separated decimals. The appropriate values are shown below:

Table 2-1

Required Values of extendedKeyUsage

 

 

 

 

Server or Client

 

OID Value

Meaning

 

 

 

 

Server

 

1.3.6.1.5.5.7.3.1

TLS Server Authentication

 

 

 

 

Client

 

1.3.6.1.5.5.7.3.2

TLS Client Authentication

 

 

 

 

Certificate Generation

The CR is submitted to the CA to generate the actual certificate. This might happen immediately, upon request (such as using a web form) or there might be delays if the CA is operated offline or requires manual management approval to issue certificates.

Generating Certificates with OpenSSL

This section provides example of creating certificates with OpenSSL. The OpenSSL open source project includes a command line tool, openssl, used to create keys and certificates. OpenSSL has many other useful capabilities. For more information about the OpenSSL open source project, check their website:

http://www.openssl.org

The examples create an extremely simple certificate hierarchy consisting of two levels and three certificates. First a self-signed root certificate is created and then used to sign a server certificate and a client certificate. Most realistic certificate hierarchies contain one or more levels of intermediate CA certificates.

The following steps assume a Linux or BSD-style shell is active, but the commands for most other command line environments are similar.

The openssl.cnf Configuration File

The openssl command tool uses a configuration file usually named openssl.cnf for various parameters and other information related to creating certificate requests.

There are two ways to make the openssl.cnf file available to the command tool:

Using the OPENSSL_CONF environment variable

WLSE Express AAA Server Certificate Configuration Guide

2-2

OL-8880-01

 

 

Page 2
Image 2
Eureka OL-8880-01 manual Certificate Generation, Openssl.cnf Configuration File

OL-8880-01 specifications

The Eureka OL-8880-01 is a cutting-edge robot vacuum designed to simplify home cleaning while maximizing efficiency. As a product of Eureka's commitment to innovation and quality, the OL-8880-01 integrates advanced technologies that elevate the cleaning experience for consumers seeking both convenience and performance.

One of the standout features of the OL-8880-01 is its powerful suction capabilities. Harnessing a high-efficiency motor, this vacuum effectively captures dirt, dust, and debris from various surfaces, including carpets, hardwood floors, and tile. The adjustable suction settings allow users to customize the power based on the type of surface being cleaned, ensuring optimal results.

Equipped with intelligent navigation technology, the OL-8880-01 employs a combination of sensors and mapping capabilities, allowing it to navigate and clean efficiently without missing spots or getting stuck. This feature not only enhances cleaning precision but also saves time by allowing the vacuum to cover larger areas in shorter periods.

Moreover, the OL-8880-01 stands out due to its slim design, making it easily maneuverable in tight spaces and ensuring it can reach under furniture and along edges. Its low profile allows users to maintain a clean home without having to move heavy furniture.

Battery life is another critical aspect of the Eureka OL-8880-01. With a robust lithium-ion battery, this vacuum provides extended cleaning sessions on a single charge. The automatic docking feature ensures that the vacuum returns to its charging station when its battery is low, making it hassle-free for users who appreciate automated cleaning.

Another key characteristic of the OL-8880-01 is its advanced filtration system. The vacuum features a multi-stage filtration mechanism designed to capture allergens and fine particles, providing cleaner and healthier air quality in the home. This feature is particularly beneficial for allergy sufferers and families with pets.

The design is complemented by easy-to-use controls and a user-friendly app that allows for remote operation. Users can schedule cleanings, monitor the vacuum’s status, and even control it from their smartphones, ensuring a seamless and integrated cleaning experience.

In conclusion, the Eureka OL-8880-01 combines powerful suction, intelligent navigation, and user-friendly features, making it an excellent choice for those seeking an efficient and reliable robot vacuum. With its emphasis on performance and convenience, this model reflects Eureka’s dedication to providing products that enhance modern living.