> > cert_extension_2 = X509.new_extension("keyUsage", "101000000")
>
> Maybe your OpenSSL is too old. keyUsage needs to be defined in OpenSSL
> obj_dat.h file for this to work.
I am using OpenSSL version 0.9.8k-fips which is the latest version.
I replaced:
cert_extension_2 = X509.new_extension("keyUsage", "101000000")
with:
cert_extension_2 = X509.new_extension("keyUsage", "keyCertSign,
cRLSign")
which worked for me.
Also I found an easy way to iterate through the extension stack using:
cert = X509.X509()
for e in cert_extension_stack:
cert.add_ext(e)
> > cert_extension_3 = X509.new_extension("subjectAlternativeName",
> > "DNS:www.mydomain.tld")
> And I believe you mispelled this, try subjectAltName.
Changing "subjectAlternativeName" to "subjectAltName" did the trick.
Thank you!
--
http://mail.python.org/mailman/listinfo/python-list
