Thanks Matt ! On Tue, Nov 3, 2015 at 4:29 PM, Matt Caswell <matt at openssl.org> wrote: > > > On 03/11/15 23:33, Jayadev Kumar wrote: > > Hi, > > > > Can i create DH-RSA and DH-DSS certificate using openssl ? > > Yes. > > > > > If yes, Which openssl version has the support for it ? > > 1.0.2 > > > > > Can i use DH-RSA and DH-DSS certificate with 'openssl s_server' > > application ? > > Yes from version 1.0.2. > > You cannot create "self-signed" DH certificates because DH is not a > signing algorithm. Therefore you *must* get a certificate from some kind > of CA. Dependant on what you want to use it for the easiest way is to > create your own CA (using an RSA key if you want DH-RSA, or a DSS key if > you want DH-DSS). > > Once you have set up a CA you can create the DH certificate as described > in this answer on stackexchange: > http://security.stackexchange.com/a/82868 > > Matt > _______________________________________________ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20151104/67e7570f/attachment.html>
