Is to prove (to the CA) that you actually own the private key
corresponding to the public key that you're sending in the request for
certification. You send the challenge and the signed challenge, and the CA
verifies the signature with your public key. If it match, everything's ok.
Does it answer your question?
Rodrigo.
"Chan, Moses" wrote:
> Does anyone know what is the purpose of having to fill the
> "challenge" for when creating a signing request or certificate?
>
> Thanks in advance.
>
> --Moses
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
--
"Se que crees que entiendes lo que piensas que yo dije,
pero no estoy seguro de que te des cuenta
de que lo que escuchaste no es lo que yo quise decir"
Richard Nixon (y yo)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
