On 2009-05-28 21:51 PDT, tito wrote: > I am making a CA site for my college project purpose.I learned that > different browsers use different methods to generate CSR.Making CSR in > IE was easy.For vista systems I used CertEnroll.dll methods and for > non-vista IE i used xenroll.dll.I generated CSR in javascript > successfully using that. it is in PKCS10. > > I want to make my project compatible for mozilla and opera too > i want to do the same for mozilla too but i guess mozilla method doesnt > generate PKCS10 format.
Correct. > Then i came across generateCRMF and keygen tags..keygen is not > recommended i guess. Both methods are fully supported. They have different capabilities. Pick the one that does what you want (or comes closest to it). > how to sign the CRMF request key i get in openssl ? > if i am using keygen tag, i think it gives SPKAC format..can we sign > SPKAC using openssl ? > i am able to generate CRMF and SPKAC..but doesnt know how to sign those > in openssl.please help me in regard with this.. I believe that OpenSSL has facilities to handle both formats, SPKAC and CRMF. But having said that, I cannot offer you any help to issue certs based on those forms of requests using OpenSSL. Sorry. That's a question for an OpenSSL forum, as someone else also wrote in this thread. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
