So basically if I don't find a cert with the correct options, I'm screwed.
Thank you for the explanation.
Attila
2010/5/12 Erwann ABALEA erwann.aba...@keynectis.com:
Hello,
Hodie IV Id. Mai. MMX, Darázs Attila scripsit:
Please help me figure out this. I'm trying to add the CA:TRUE
constraint to one of my existing cert (the GTE CyberTrust Global Root,
actually, can be downloaded here:
http://ugykezelo.elte.hu/files/gte-cybertrust-global-root.crt ).
First, you can't modify an existing certificate without invalidating
its signature.
Second, this certificate is a V1 one, and extensions were added to V3
of the X.509 standard. You can't then add the basicConstraints
extension.
Explanation why I need this:
I'm trying to install a CA cert on my Android phone, to use my
university WiFi account, via http://www.realmb.com/droidCert/ I would
need to install the GTE CyberTrust Root cert, but it is getting
registered as a client cert, not a CA one. If I try to install one
with CA:TRUE, then it's working properly.
--
Erwann ABALEA erwann.aba...@keynectis.com
-
Computers can never replace human stupidity.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-us...@openssl.org
Automated List Manager majord...@openssl.org
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org