Hi Jasper, the major goal of using requests is that the signer does not know and need the private key of the client certificate.
If your application creates a key and a request and signs the request then you don't need the request and directly can create a signed certificate and key and hand them out to the client in e.g. PKCS12 format. Regards Christian On Thu, Nov 21, 2002 at 02:01:45PM +0100, Jasper Spit wrote: > Hi, > > For non-web based OpenSSL applications, is it still necessary or > recommended > to use certificate requests to obtain a new certificate ? Currently my > application > just creates a new X509 certificate with X509_new(), sets things like > Common Name > and has that certificate signed by a (self-signed) CA root certificate. > I can > understand that for certificates that are to be signed by e.g. VeriSign > you use > a certificate signing request, but for applications like mine I don't > see the > need to use one. Maybe I'm overlooking something ? > > Thx, Jasper > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
