dear all
i'm trying to make my certificate authority which will create certificate
when receive certificate signing request i write this code
1- i create the CSR and sign it which created in the node itself
2- i send the CSR to CA to create a certificate for the node which send
previous CSR
code for CSR
* X509_REQ
* AeroRoutingProtocol :: MakeSignedCertReq (int bits, int serial, int days)
* {
* X509_REQ_set_pubkey(x,puk);
* name=X509_REQ_get_subject_name(x);
* X509_NAME_add_entry_by_txt(name,"C",MBSTRING_ASC, "UK", -1, -1, 0);
* X509_NAME_add_entry_by_txt(name,"CN",MBSTRING_ASC, "OpenSSL Group",
-1, -1, 0);
* X509_REQ_sign(x,puk,EVP_md5());
* return x;
* }
X509 CreateCertificate (X509 *issuer, X509_REQ *req, RSA *key);
X509
CertificateAuthority::CreateCertificate (X509 *issuer, X509_REQ *req, RSA
*key )
{
X509 *cert = NULL;
int rv;
X509_NAME *xn_req = NULL, *subject = NULL;
EVP_PKEY *pkey = NULL;
//create the certificate
X509 * x509;
x509 = X509_new();
X509_NAME *issuerSubject = X509_get_subject_name(issuer);
X509_set_issuer_name(cert, issuerSubject);
xn_req = X509_REQ_get_subject_name(req);
X509_set_subject_name(cert, subject);
pkey = X509_REQ_get_pubkey(req);
rv = X509_set_pubkey(cert, pkey);
X509_gmtime_adj(X509_get_notBefore(cert), 0);
X509_gmtime_adj(X509_get_notAfter(cert), 36400);
signCertificateWithKey(cert, key);
return cert;
}
is that correct or i miss something
--
Warmest regards and best wishes for a good health,*urs sincerely *
*mero*