Re: [openssl-users] Another problem with openssl x509 -req -- default_enddate

On Wed, Aug 30, 2017 at 12:17:09AM -0400, Robert Moskowitz wrote: > So back to openssl ca and deal with no way to directly create a DER > formatted cert. > > Definitely a deficiency. Not really a deficiency, as the certificates in question need to be squirreled away in PEM format in the CA's

Re: [openssl-users] Another problem with openssl x509 -req -- default_enddate

Viktor, thanks for the explanation. Obviously I read more into the man that was really there: https://www.openssl.org/docs/man1.1.0/apps/x509.html So back to openssl ca and deal with no way to directly create a DER formatted cert. Definitely a deficiency. On 08/29/2017 07:25 PM, Viktor

Re: [openssl-users] Not updating index.txt

On 08/29/2017 07:24 PM, Dr. Stephen Henson wrote: On Tue, Aug 29, 2017, Robert Moskowitz wrote: I started out making certs from csrs with: openssl ca -config $dir/openssl-intermediate.cnf -extensions usr_cert -days 375 -notext -md sha256 \ -in $dir/csr/$clientemail.csr.$format -out

Re: [openssl-users] Another problem with openssl x509 -req -- default_enddate

On Tue, Aug 29, 2017 at 05:36:34PM -0400, Robert Moskowitz wrote: > Another problem. It is almost like it is not reading the CA selction? Not "almost", but actually as expected, since "openssl x509 -req" is not the ca(1) application. >openssl x509 -req -extfile $dir/openssl-8021AR.cnf \ >

Re: [openssl-users] Not updating index.txt

On Tue, Aug 29, 2017, Robert Moskowitz wrote: > I started out making certs from csrs with: > > openssl ca -config $dir/openssl-intermediate.cnf -extensions > usr_cert -days 375 -notext -md sha256 \ > -in $dir/csr/$clientemail.csr.$format -out > $dir/certs/$clientemail.cert.$format > > And

[openssl-users] Another problem with openssl x509 -req -- default_enddate

Another problem. It is almost like it is not reading the CA selction? openssl ca -config $dir/openssl-8021AR.cnf -extensions 8021ar_idevid -notext -md sha256 \ -in $dir/csr/$DevID.csr.pem -out $dir/certs/$DevID.cert.pem processes the default_enddate default_enddate= 1231235959Z #

[openssl-users] Not updating index.txt

I started out making certs from csrs with: openssl ca -config $dir/openssl-intermediate.cnf -extensions usr_cert -days 375 -notext -md sha256 \ -in $dir/csr/$clientemail.csr.$format -out $dir/certs/$clientemail.cert.$format And that worked well enough, but I found some limitations

Re: [openssl-users] [ruby/openssl] instead of looking of NIDs and then using X509V3_EXT_nconf_nid, (#141)

Thank you so much for the reply. I will comment in the issue as requested, but I'll do so in email so that I can CC the openssl-users list. Kazuki Yamaguchi wrote: > The ruby-core mailing list or this GitHub issue tracker is the right > place for questions