Jaco Kroon wrote:
....
I believe that is it, waiting for your reply. I'll try a version upgrade
on OpenSSL and let you know anyhow - but somehow I don't think it's going
to help :).
Hi Jaco,
here is the 'openssl asn1parse ...' output of the certificate
created by your program:
0:d=0 hl=4 l= 598 cons: SEQUENCE
4:d=1 hl=4 l= 447 cons: SEQUENCE
8:d=2 hl=2 l= 3 cons: cont [ 0 ]
10:d=3 hl=2 l= 1 prim: INTEGER :00
13:d=2 hl=2 l= 1 prim: INTEGER :00
That's wrong (at least I think so). The default version
(v1 == 0x0) shouldn't be encoded in the DER encoding
(see RFC 3280 etc.) If you look at 'asn1parse' output
of the other certificate (created with openssl):
0:d=0 hl=4 l= 593 cons: SEQUENCE
4:d=1 hl=4 l= 442 cons: SEQUENCE
8:d=2 hl=2 l= 1 prim: INTEGER :00
11:d=2 hl=2 l= 13 cons: SEQUENCE
13:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
you see that the version number (0x0) is omitted.
I'm not really familiar with the 0.9.6 OpenSSL ASN1 code but could
you try two things: a) set the version to 02 (== X509v3 certificate)
and b) don't set the version at all.
Regards,
Nils
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
