Kim,
since X.509 certificate is somethingToBeSigned and signature over that
once can use X509_sign() to do it. Probably you mean certify_cert()
and, yes, lots of parameters there to specify certificate content.
Regards,
Vadim
On Fri, 16 Feb 2001, Hellan,Kim KHE wrote:
> Hi
>
> I'm trying to make a CA signed certificate. I already have composed/loaded
> all of the following "parts" for the certificate:
>
> EVP_PKEY* pCAKey; /* CA private key */
> X509* pCACert; /* CA root certificate */
> X509_NAME* pX509Subject; /* Certificate subject */
> EVP_PKEY* pPubKey; /* Certificate public key */
> STACK_OF(X509_EXTENSION)* pExtensions; /* X509v3 extensions */
> unsigned long ulNoDaysValid; /* Valid_from is the current time */
> unsigned long ulCertSerialNo;
>
> Now I "just" need to combine all this into a certificate. I have looked at
> the CA/X509 apps, but its a bit confusing since they contain a lot of code
> that I don't really need, since I have all the "parts" ready and I don't use
> a config file. I also looked at the X509_Certify() function, but it has so
> many arguments and some of them I don't event know what are.
>
> I would really appreciate if someone could help me how to get the last bit
> of the way, composing and signing the certificate.
> Any hints are welcome!
>
> TIA
> Kim Hellan
> KMD / KMD-CA
> http://www.kmd-ca.dk
> Mailto:[EMAIL PROTECTED]
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
