As a recap:
>I've been trying to generate CSRs using openSSL, without much success.
>Working
>from req.c as a guide, I've been able to construct a CSR, sign it, and verify
>it. I then Base-64 encode it and save it in a suitable PKCS#10 format.
>Sounds easy, right? It is, except that whenever I try to use the CSR on
>Thawte's test certificate generator, it tells me that "the CSR is not
>self-signed".
The problem was that I hadn't set the version number in the request. I had
mistakenly assumed that when I created the X509_REQ that a version number
was entered as part of that process.
Silly me! And many thanks to Holger Reif for identifying the problem.
cjh
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
CJ Holmes "The Macintosh uses an experimental
StarNine pointing device called a 'mouse.'
Director of Development There is no evidence that people
want to use these things."
(John C. Dvorak, SF Examiner, Feb. 1984.)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
