Erwann,
Thanks for all the detailed comments!!
Jim
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
Bonjour,
Hodie pr. Non. Mar. MMV est, ohaya scripsit:
> This is the self-signed root CA cert. It is now V3, and has the AKI and
> SKI.
Good.
>It still has "Digital Signature", as I wasn't sure about what to
> do with that on the root CA cert:
It's useless, as you'll really use the Root certifi
Erwann and Steve,
Thanks for all the comments. Here're a new set of certs where I think
that I've taken care of the points raised by both of you. I'd
appreciate your review.
This is the self-signed root CA cert. It is now V3, and has the AKI and
SKI. It still has "Digital Signature", as I wa
On Sat, Mar 05, 2005, Erwann ABALEA wrote:
> Bonsoir,
>
>
> > X509v3 Authority Key Identifier:
> >
> > keyid:FF:78:E3:03:37:8D:EA:0F:1D:ED:B0:C7:D2:48:49:C6:90:D1:D5:B0
>
> Problem. The issuer of this certificate doesn't have any
> subjectKeyIdentifier extension, so
Bonsoir,
Hodie III Non. Mar. MMV est, ohaya scripsit:
> This is the SUB ROOT CA's Cert:
>
> Certificate:
[...]
> Validity
> Not Before: Mar 2 06:08:03 2005 GMT
> Not After : Feb 27 09:22:27 2008 GMT
A little less than 3 years for the duration is a bit short. Not