So basically if I don't find a cert with the correct options, I'm screwed. Thank you for the explanation.
Attila 2010/5/12 Erwann ABALEA <erwann.aba...@keynectis.com>: > Hello, > > Hodie IV Id. Mai. MMX, Darázs Attila scripsit: >> Please help me figure out this. I'm trying to add the CA:TRUE >> constraint to one of my existing cert (the GTE CyberTrust Global Root, >> actually, can be downloaded here: >> http://ugykezelo.elte.hu/files/gte-cybertrust-global-root.crt ). > > First, you can't modify an existing certificate without invalidating > its signature. > Second, this certificate is a V1 one, and extensions were added to V3 > of the X.509 standard. You can't then add the basicConstraints > extension. > >> Explanation why I need this: >> I'm trying to install a CA cert on my Android phone, to use my >> university WiFi account, via http://www.realmb.com/droidCert/ I would >> need to install the GTE CyberTrust Root cert, but it is getting >> registered as a client cert, not a CA one. If I try to install one >> with CA:TRUE, then it's working properly. > > -- > Erwann ABALEA <erwann.aba...@keynectis.com> > ----- > Computers can never replace human stupidity. > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-us...@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org