. . "6ab0e37ff9f0ed36e6b0ef6218afe304" . "VirtGenerateX509Cert" . . . "VirtGenerateX509Cert" . . . "VirtGenerateX509Cert" . . "2017-06-13T05:50:06.228661"^^ . "2017-06-13T05:50:06Z" . "2017-06-13T05:50:06.228661"^^ . . . . . . . "---++X.509 certificate Generation\n\nThe WebID Protocol consumer needs an x509 certificate with v3 extension \"Subject Alternate Name\". \nThis attribute is used for the owner's Web ID. For testing purposes we used OpenSSL demo CA \nto generate such certificates. If you are not using the OpenSSL demo CA, you must first setup \na self-signed CA; read OpenSSL documents on how to do this. \n\n 1 Add the following line to the [usr_cert] section of the openssl.cnf \nfile —\n\nsubjectAltName=$ENV::ALTNAME\n\n 1 Set the environment variable ALTNAME to the owner's Web ID, e.g., \n\nexport ALTNAME=URI:http://localhost/dataspace/person/myname#this\n\n 1 Make a self-signed certificate, e.g., \n\n$ CA.pl -newreq (follow the dialog) \n$ CA.pl -sign\n \n 1 When asked to commit the certificate, make sure you see several lines above, like —\n \nX509v3 Subject Alternative Name: \n URI:http://localhost/dataspace/person/myname#this \n \n 1 If your browser wants a PKCS#12 bundle, you must make one —\n \n$ openssl pkcs12 -export -in newcert.pem -inkey newkey.pem -out mycert.p12 \n \n 1 Rename newcert.pem and newkey.pem, to mycert.pem \nand mykey.pem for example. " . . . "2017-06-13T05:50:06Z" .