Hi there, An additional thought from my side: One main purpose of X.509v3 and PKIX is to provide an interoperable framework which allows completely different entities to establish a trusted communication relationship.
Regardless of if the certificates produced by the mentioned target environment are technically compliant to those standards - if OpenSSL (as one of the major cryptographic libraries used on the Internet to implement these standards) cannot process these certificates properly this indicates that the certificates produced by the target environment may not provide the expected compatibility. Cheers Martin _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
