Re: CA generation/certificate serial number

2008-04-03 Thread Peter Sylvester
openssl is VERY tolerant concerning the encoding/decoding of an INTEGER value. Other decoders may not like such things as length 0 etc. When converting such a beast from DER to PEM or the other way, you might have a surprise. From X.690: 8.3 Encoding of an integer value 8.3.1 The encoding

RE: CA generation/certificate serial number

2008-04-03 Thread David Schwartz
smime.p7m Description: S/MIME encrypted message

Re: CA generation/certificate serial number

2008-01-07 Thread Giang Nguyen
nils Frédéric Donnat wrote: Hi, Sorry for the mistake (nothing to deal with openssl.cnf file). I was just looking for ca.txt file. Is it normal behavior of openssl to be able to view a certificate without serial number using (without any error mentioned): openssl x509 -in

FW: CA generation/certificate serial number

2005-09-01 Thread Frédéric Donnat
serial number Frédéric Donnat wrote: Hi, Sorry for the mistake (nothing to deal with openssl.cnf file). I was just looking for ca.txt file. Is it normal behavior of openssl to be able to view a certificate without serial number using (without any error mentioned): openssl x509

CA generation/certificate serial number

2005-08-30 Thread Frédéric Donnat
Hi, Sorry for the mistake (nothing to deal with openssl.cnf file). I was just looking for ca.txt file. Is it normal behavior of openssl to be able to view a certificate without serial number using (without any error mentioned): openssl x509 -in some_cert_without_sn.pem -text But to be unable

Re: CA generation/certificate serial number

2005-08-30 Thread Nils Larsch
Frédéric Donnat wrote: Hi, Sorry for the mistake (nothing to deal with openssl.cnf file). I was just looking for ca.txt file. Is it normal behavior of openssl to be able to view a certificate without serial number using (without any error mentioned): openssl x509 -in some_cert_without_sn.pem

CRL adds 00 to the certificate serial number

2001-11-21 Thread Lugeon Blaise
Dear, I have some trouble with CRL creations and some certificates serial number. I wrote some code using OpenSSL 0.9.6 to create and sign a CRL. I can specify the serial number (hex) of the certificates which I want to revoke. Everything works fine, except for some serial number: If a my

Re: CRL adds 00 to the certificate serial number

2001-11-21 Thread Erwann ABALEA
On Wed, 21 Nov 2001, Lugeon Blaise wrote: Everything works fine, except for some serial number: If a my serial number starts with a number higher than 7, OpenSSL adds 00 before it. Ex: 7FF5A2 - 7FF5 A2 : Correct 8FF5A2 - 008F F5A2 : Incorrect FFF5A2 - 00FF F5A2 : Incorrect I

Certificate Serial Number

2000-07-13 Thread Sebastiano Di Paola
Hi all, Is there a method provided of couse by Openssl to generate certificate serial number that are unique? thanks Kind regards Sebastiano Di Paola __ OpenSSL Project http://www.openssl.org User