On Sun, Aug 07, 2011, Luke Kenneth Casson Leighton wrote: > folks, hi, > > i have access to a text dump of an SSL certificate: it's in the format > expected of the openssl x509 "-text" dump format. i do *NOT* have > access to the quotes original quotes x509 certificate. therefore, it > is necessary to recreate it. > > does anyone have a clue as to how this can be achieved? am happy to > write code to do it (c or python) but would prefer not to. > > this is for a number of different purposes including some free > software projects. >
Well it isn't possible to do that consistently because some of the certificate data can be ambiguous with the default -text output. For example the DN can be encoded in many different ways. If there are unsupported extensions that could be a major problem too. If you have a certificate issued by the same CA that would make things easier but it would still be a rather hit and miss affair. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
