On Thu, 15 Aug 2019 00:47:41 +0200,
Michael Richardson wrote:
>
>
> Robert Moskowitz wrote:
> > I am fiddling around with an intermediate CA signing cert that the CA's
> > 'name' is it HIP (RFC 7401) HIT which is a valid IPv6 address. Actually
> a
> > Hierarchical HIT as in draft-mo
On 15/08/2019 00:33, Jordan Brown wrote:
On 8/14/2019 2:11 PM, Robert Moskowitz wrote:
[...]
commonName="/CN=IPv6::2001:24:28:24/64"
[...]
req: Hit end of string before finding the equals.
problems making Certificate Request
Some systems present distinguished names using slashes as separat
Robert Moskowitz wrote:
> I am fiddling around with an intermediate CA signing cert that the CA's
> 'name' is it HIP (RFC 7401) HIT which is a valid IPv6 address. Actually a
> Hierarchical HIT as in draft-moskowitz-hierarchical-hip (to be revised
soon).
> For a client cert, it w
On 8/14/2019 2:11 PM, Robert Moskowitz wrote:
> [...]
> commonName="/CN=IPv6::2001:24:28:24/64"
> [...]
> req: Hit end of string before finding the equals.
> problems making Certificate Request
Some systems present distinguished names using slashes as separators. I
assume that that's what you
Developing saga on creating an intermediate CA cert with only CN and
said CN should be:
CN=IPv6::2001:24:28:24/64
Note that / in CN that seems to be a challenge.
commonName="/CN=IPv6::2001:24:28:24/64"
DN=$commonName
echo $DN
openssl req -config $cadir/openssl-root.cnf\
-ke
On 8/14/19 3:26 PM, Salz, Rich wrote:
RFC 8002 (with a null subjectName), but a CA cert MUST have a non-empty
subjectName.
Non-empty subjectName or non-empty commonName within the subject name?
Shrug. Doesn't matter, I guess. Just populate it with the string version of
the HIT n
On 8/14/19 11:21 AM, Jakob Bohm via openssl-users wrote:
On 14/08/2019 04:55, Robert Moskowitz wrote:
I am fiddling around with an intermediate CA signing cert that the
CA's 'name' is it HIP (RFC 7401) HIT which is a valid IPv6 address.
Actually a Hierarchical HIT as in draft-moskowitz-hiera
RFC 8002 (with a null subjectName), but a CA cert MUST have a non-empty
subjectName.
Non-empty subjectName or non-empty commonName within the subject name?
Shrug. Doesn't matter, I guess. Just populate it with the string version of
the HIT name, something like
CN=IP Address 20
On 14/08/2019 04:55, Robert Moskowitz wrote:
I am fiddling around with an intermediate CA signing cert that the
CA's 'name' is it HIP (RFC 7401) HIT which is a valid IPv6 address.
Actually a Hierarchical HIT as in draft-moskowitz-hierarchical-hip (to
be revised soon).
For a client cert, it wo
On 8/14/19 8:42 AM, Matt Caswell wrote:
On 14/08/2019 13:21, Robert Moskowitz wrote:
On 8/14/19 6:22 AM, Matt Caswell wrote:
On 14/08/2019 11:06, Robert Moskowitz wrote:
I googled how to convert a PEM public key to DER and only found examples for RSA
keys. Mine are ed25519. I thought it
On 14/08/2019 13:21, Robert Moskowitz wrote:
>
>
> On 8/14/19 6:22 AM, Matt Caswell wrote:
>>
>> On 14/08/2019 11:06, Robert Moskowitz wrote:
>>> I googled how to convert a PEM public key to DER and only found examples
>>> for RSA
>>> keys. Mine are ed25519. I thought it would be a simple a
On 8/14/19 6:22 AM, Matt Caswell wrote:
On 14/08/2019 11:06, Robert Moskowitz wrote:
I googled how to convert a PEM public key to DER and only found examples for RSA
keys. Mine are ed25519. I thought it would be a simple algorithm substitution:
$ openssl ed25519 -pubin -inform PEM -in $di
On 14/08/2019 11:06, Robert Moskowitz wrote:
> I googled how to convert a PEM public key to DER and only found examples for
> RSA
> keys. Mine are ed25519. I thought it would be a simple algorithm
> substitution:
>
> $ openssl ed25519 -pubin -inform PEM -in $dir/private/intermediate.key.pem
I googled how to convert a PEM public key to DER and only found examples
for RSA keys. Mine are ed25519. I thought it would be a simple
algorithm substitution:
$ openssl ed25519 -pubin -inform PEM -in $dir/private/intermediate.key.pem\
> -outform DER -out $dir/private/intermediate.key.der
I
14 matches
Mail list logo
