Carlos,
I was not able to open the .crt files. The tid_x1_ne.cacert is a PKCS 7
chain that you should be able to open with OpenSSL.
I did an ASN.1 parse and have the output below from 4R-CA_1.crt. Maybe
someone on the list can do something with it.
Chris
0:d=0 hl=4 l= 608 cons: SEQUENCE
4:d=1 hl=2 l= 7 prim: OBJECT :0.2.262.1.10.7.107
13:d=1 hl=4 l= 595 cons: SEQUENCE
17:d=2 hl=4 l= 447 cons: SEQUENCE
21:d=3 hl=2 l= 3 cons: cont [ 0 ]
23:d=4 hl=2 l= 1 prim: INTEGER :02
26:d=3 hl=2 l= 4 prim: INTEGER :3B0567D6
32:d=3 hl=2 l= 10 cons: SEQUENCE
34:d=4 hl=2 l= 6 prim: OBJECT :ripemd160WithRSA
42:d=4 hl=2 l= 0 prim: NULL
44:d=3 hl=2 l= 111 cons: SEQUENCE
46:d=4 hl=2 l= 11 cons: SET
48:d=5 hl=2 l= 9 cons: SEQUENCE
50:d=6 hl=2 l= 3 prim: OBJECT :countryName
55:d=6 hl=2 l= 2 prim: PRINTABLESTRING :DE
59:d=4 hl=2 l= 33 cons: SET
61:d=5 hl=2 l= 12 cons: SEQUENCE
63:d=6 hl=2 l= 7 prim: OBJECT :0.2.262.1.10.7.20
72:d=6 hl=2 l= 1 prim: PRINTABLESTRING :1
75:d=5 hl=2 l= 17 cons: SEQUENCE
77:d=6 hl=2 l= 3 prim: OBJECT :commonName
82:d=6 hl=2 l= 10 prim: T61STRING :3R-CA 1:PN
94:d=4 hl=2 l= 61 cons: SET
96:d=5 hl=2 l= 59 cons: SEQUENCE
98:d=6 hl=2 l= 3 prim: OBJECT :organizationName
103:d=6 hl=2 l= 52 prim: T61STRING :Regulierungsbeh�orde f�ur
Telekommunikation und Post
157:d=3 hl=2 l= 34 cons: SEQUENCE
159:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :19990121173837Z
176:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20040121160002Z
193:d=3 hl=2 l= 111 cons: SEQUENCE
195:d=4 hl=2 l= 11 cons: SET
197:d=5 hl=2 l= 9 cons: SEQUENCE
199:d=6 hl=2 l= 3 prim: OBJECT :countryName
204:d=6 hl=2 l= 2 prim: PRINTABLESTRING :DE
208:d=4 hl=2 l= 61 cons: SET
210:d=5 hl=2 l= 59 cons: SEQUENCE
212:d=6 hl=2 l= 3 prim: OBJECT :organizationName
217:d=6 hl=2 l= 52 prim: T61STRING :Regulierungsbeh�orde f�ur
Telekommunikation und Post
271:d=4 hl=2 l= 33 cons: SET
273:d=5 hl=2 l= 12 cons: SEQUENCE
275:d=6 hl=2 l= 7 prim: OBJECT :0.2.262.1.10.7.20
284:d=6 hl=2 l= 1 prim: PRINTABLESTRING :1
287:d=5 hl=2 l= 17 cons: SEQUENCE
289:d=6 hl=2 l= 3 prim: OBJECT :commonName
294:d=6 hl=2 l= 10 prim: T61STRING :4R-CA 1:PN
306:d=3 hl=3 l= 159 cons: SEQUENCE
309:d=4 hl=2 l= 13 cons: SEQUENCE
311:d=5 hl=2 l= 9 prim: OBJECT :rsaEncryption
322:d=5 hl=2 l= 0 prim: NULL
324:d=4 hl=3 l= 141 prim: BIT STRING
468:d=2 hl=2 l= 10 cons: SEQUENCE
470:d=3 hl=2 l= 6 prim: OBJECT :ripemd160WithRSA
478:d=3 hl=2 l= 0 prim: NULL
480:d=2 hl=3 l= 129 prim: BIT STRING
-----Original Message-----
From: Hans Carlos Hofmann [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 04, 2001 1:19 PM
To: [EMAIL PROTECTED]
Subject: frustration about x509 versions ?
Hello,
I have request the root ca of my national digital sign authority.
It's the german regulatory authority for telecommunication.
I have tried to load this with
openssl x509 -inform DER -in 4R-CA_1.crt -noout -text
openssl x509 -inform PEM -in 4R-CA_1.crt -noout -text
openssl x509 -inform NET -in 4R-CA_1.crt -noout -text
nothing of this works.
I have the same problem with some other CA's root certificates
like the digicert root certificates (tid_x1_ne.cacert) .
I have attached this ones to this mail. Has everyone an idea how to load
this certificates to openssl ?
Carlos
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
