move to .txt for consistency

This commit is contained in:
Klas Lindfors
2014-11-10 10:35:03 +01:00
parent fad5df8e36
commit 5ef6f885d9
+39
View File
@@ -0,0 +1,39 @@
Request and load a certificate from Windows CA
----------------------------------------------
This is a short step-by-step on how to generate a key in the Neo,
create a certificate request, submit that request to a Windows CA
and then load the certificate in the Neo.
Prerequisites
-------------
* a YubiKey Neo with the PIV applet loaded
* the yubico-piv-tool software
* credentials to request certs from a Windows CA
Steps
-----
1. Generate the key:
yubico-piv-tool -s 9a -a generate -o public.pem
2. Request a certificate:
yubico-piv-tool -a verify-pin -P 123456 -s 9a -a request-certificate \
-S "/CN=example/O=test/" -i public.pem -o request.csr
3. Submit the request to the Windows CA:
(this step must be run on a windows machine that know about the CA)
certreq -submit -attrib "CertificateTemplate:User" request.csr cert.crt
4. Load the certificate in the Neo:
yubico-piv-tool -s 9a -a import-certificate -i cert.crt
5. For it to be useful in windows a chuid must be set as well:
(only if that wasn't done earlier)
yubico-piv-tool -a set-chuid