If you use 'openssl x509 -x509toreq' it will create a request from an
X.509 object.
If you use 'openssl req -x509' it will create an X.509 object instead
of a request.
However, the appropriate solution to this problem is to use 'openssl
x509 -inform der -in test -text -noout'. It's expecting a trusted
certificate in PEM (aka base-64 encoded or ascii-armored) format.
'-inform der' tells it to expect a DER-encoded bytestream.
Cheers,
-Kyle H
On 12/14/06, Lutz Jaenicke <[EMAIL PROTECTED]> wrote:
On Wed, Dec 13, 2006 at 08:07:16PM -0500, Alex wrote:
> On Tue, 12 Dec 2006 09:23:48 +0100
> Lutz Jaenicke <[EMAIL PROTECTED]> wrote:
>
> > Forwarded to openssl-users for discussion.
> >
> > Having a glance on your report it seems that you have created a
> > certificate request which is to be submitted to CA for signing.
> > Only the certificate signed by the CA is a X.509 object that
> > can be handled with the "openssl x509" application. To display the
> > contents of the request you have to use the "openssl req" application
> > itself.
> >
> > Best regards,
> > Lutz
>
> This error also happens when I attempt to sign a CSR with the CA
> command.
I doubt that the CA command will complain about not finding a X509
object as it expects a CSR.
You did take care of using PEM format (ASCII-armored with proper
headers) instead of using DER (binary) format!?
Best regards,
Lutz
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
