Hello everyone,
I have a different problem now. I want to add a "X509v3 Authority Key
Identifier" field in a x509v3 certificate.
This field must have these three parts :
- keyid (the keyid of the issuer)
- dirname (the same string as issuer field)
- serial (of issuer)
int type = NID_authority_key_identifier;
char* value =
""keyid:A6:40:81:F6:3E:4A:AC:08:E7:76:17:01:91:CD:DF:39:D7:CB:FC:14,
DirName:O=O, OU=OU, CN=CN/dnQualifier=pkCB9j5KrAjndhcBkc3fOdfL/BQ=,
serial:01\n"; // here i m not sure how to write it.
X509_EXTENSION *ex;
X509V3_CTX ctx;
X509V3_set_ctx_nodb(&ctx);
X509V3_set_ctx(&ctx, _d_cert , _d_cert, NULL, NULL, 0); // self signed
ex = X509V3_EXT_conf_nid(NULL, &ctx, type , value);
if (ex == NULL)
throw Odici_exception(DEV_NULL_ERR,"Error in
Certificate::setV3Extention(), Extensions can't be set");
X509_add_ext(_d_cert,ex, -1) ;
X509_EXTENSION_free(ex); // free temp extension
With this value, if there is no exception thrown, i only have the keyid
part...
How can i set this extension ??
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
