On Wed, 21 Feb 2001, Hellan,Kim KHE wrote:
> Hi Vadim
>
> Maybe this is a stupid question, but to make a CA signed certificate do you
> then first have to make a selfsigned certificate and then get the CA to sign
> that certificate?
To sign something, a private (rsa) key is required only and X509_sign()
will do that. One should fill details into cert_info of X509 before
signing and specify hash algorithm.
> As far as I can see, this is how certify_cert() works.
One can pickup subject's public key and name from the self-signed
certificate as an option.
> But anyway, do you have any hints about what I should do to get from X.509
> "parts" I already have loaded to a self-signed or CA-signed certificate.
The difference is issuer name and private key used for signing
regards,
Vadim
>
> Any help appreciated!
>
> TIA
> Kim Hellan
>
> Fra: Vadim Fedukovich [mailto:[EMAIL PROTECTED]]
> Emne: Re: How to make a CA signed certificate (in code)
>
> since X.509 certificate is somethingToBeSigned and signature over that
> once can use X509_sign() to do it. Probably you mean certify_cert()
> and, yes, lots of parameters there to specify certificate content.
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
