On Fri, Mar 04, 2005, Peter Cope wrote:
> Steve, sorry forget to include the asn1parse output ...
>
> I've X'd out sensitive stuff:
>
> 0:d=0 hl=4 l=57226 cons: SEQUENCE
> 4:d=1 hl=2 l= 9 prim: OBJECT:pkcs7-envelopedData
>15:d=1 hl=4 l=57211 cons: cont [
Ah, cool. Thanks!
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Nils Larsch
> Sent: Saturday, March 05, 2005 11:10 AM
> To: openssl-users@openssl.org
> Subject: Re: What does the "subject name's hash" mean?
>
> Edward Chan wrote:
> > And do wha
On Sat, Mar 05, 2005, Erwann ABALEA wrote:
> Bonsoir,
>
>
> > X509v3 Authority Key Identifier:
> >
> > keyid:FF:78:E3:03:37:8D:EA:0F:1D:ED:B0:C7:D2:48:49:C6:90:D1:D5:B0
>
> Problem. The issuer of this certificate doesn't have any
> subjectKeyIdentifier extension, so
Bonsoir,
Hodie III Non. Mar. MMV est, ohaya scripsit:
> This is the SUB ROOT CA's Cert:
>
> Certificate:
[...]
> Validity
> Not Before: Mar 2 06:08:03 2005 GMT
> Not After : Feb 27 09:22:27 2008 GMT
A little less than 3 years for the duration is a bit short. Not
> > Per earlier messages from Steve Henson, the SUB ROOT CA (CN=ATEST5) has
> > "Basic Constraints" with "CA=TRUE", and "Digital Signature, Certificate
> > Sign, CRL Sign".
> >
>
> I can't recall saying the CA certificate needed "digital signature". It
> doesn't but if you sign with user certific
> The standards don't actually say much about the root CA at present. However it
> should really have those extensions. It is also a V1 and not a V3 certificate.
> This might be because you are following one of the old or inaccurate guides or
> even the odd book that gives incorrect instructions.
On Sat, Mar 05, 2005, ohaya wrote:
> Hi,
>
>
> Per earlier messages from Steve Henson, the SUB ROOT CA (CN=ATEST5) has
> "Basic Constraints" with "CA=TRUE", and "Digital Signature, Certificate
> Sign, CRL Sign".
>
I can't recall saying the CA certificate needed "digital signature". It
doesn't
Edward Chan wrote:
And do what length is it truncated? Thanks.
to the length of an "unsigned long", have a look at
X509_NAME_hash() in crypto/x509/x509_cmp.c
Nils
__
OpenSSL Project http://www.opens
And do what length is it truncated? Thanks.
Ed
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Nils Larsch
> Sent: Saturday, March 05, 2005 1:48 AM
> To: openssl-users@openssl.org
> Subject: Re: What does the "subject name's hash" mean?
>
> Edwa
Hi,
This is a followup to an earlier inquiry regarding CA certificates in a
certificate chain.
I got a test configuration, where I have a root CA and a subroot CA by
first creating two self-signed CAs (ATEST4 and ATEST5), and then getting
the ATEST4 CA to re-sign the ATEST5 CA's cert.
It seems
On Sat, Mar 05, 2005, Zerg wrote:
> Please, help..
> For example I want to generate ASN1 type of UTF8String by this call
> ASN1_generate_v3(p, ctx)
> I pass to this subrouting such string "UTF8:ÊÃÕËÅÎÇ". But no correct
> effect..
> I 'tried to pass for the value the correct UTF8 data,p
Edward Chan wrote:
Sorry for all the questions today. But I'm looking at the
SSL_CTX_load_verify_locations() API and the 3rd arg. This specifies,
"The name of a directory containing CA certificates. Each file in the
directory must contain only a single CA certificate, and the files must
be n
12 matches
Mail list logo