d to.
Any thoughts?
Thanks in advance
Michael Weiner
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated Li
ray v wrote:
Ok I figured it out, doh!
Here's part of my openssl command
openssl x509 -req -days $days -in $csrfile -extfile
extfile -extensions extend
I use -extfile and -extensions
Here's my extfile
extensions = extend
[ extend ]
keyUsage = digitalSignature
extendedKeyUsage = clientAuth
nsCer
ray v wrote:
Let me see if I understand what your saying?
I need to generate another CA certificate the has only
ssl client set yes?
This does not make sense especially if you read the
extension section in the openssl.cnf file [ usr_cert ]
which specifies that upon signing you can change the
purpos
ray v wrote:
Hi Michael,
Thanks for responding.
My problem is a little more involved then that. I'm
the CA, err using openssl can creating a CA
certificate using the v3_ca extension. I have quite a
number of certificate being used by our servers.
Recently we wanted to start generating user
certific
ray v wrote:
Hi Michael,
Thanks for responding.
My problem is a little more involved then that. I'm
the CA, err using openssl can creating a CA
certificate using the v3_ca extension. I have quite a
number of certificate being used by our servers.
Recently we wanted to start generating user
certific
ray v wrote:
Hello all!
I'm looking for ways to turn off and on features in
the "Certificate purposes" are of a certificate. I've
read over extfile and extension plus looked at
basicContraints.
I'm unclear by the documentation written for openssl,
x509, ca, etc., just how to do this. Can someone
hat that *is* a valid option. Thank you Charles!
Michael Weiner
signature.asc
Description: This is a digitally signed message part
On Wed, 2004-11-24 at 15:36 +0100, Richard Levitte - VMS Whacker wrote:
> In message <[EMAIL PROTECTED]> on Wed, 24 Nov 2004 09:11:40 -0500, Michael
> Weiner <[EMAIL PROTECTED]> said:
>
> hunter> Is there a way to "force" a serial number on a created
>
Is there a way to "force" a serial number on a created certificate? I
have written an automated job that creates a signing certificate every 7
days but for some reason the serial numbers in the certificates is
always 0. Any thoughts?
Thank you in advance
Michael Weiner
signature.asc
D
his own routines, but my question is, is there
SOME way that i can get this into a PEM format without additional x509
extended key usage headers?
Many thanks in advance for any insights you can provide
Michael Weiner
signature.asc
Description: This is a digitally signed message part
10 matches
Mail list logo
