...@neuf.fr
> ______
> OpenSSL Project http://www.openssl.org
> User Support Mailing Listopenssl-users@openssl.org
> Automated List Manager ma
Goetz Babin-Ebell schrieb:
>
>> The key is somehow wrong, but how? And why?
> It contains only the public part of the key.
>
> The private part seems to get lost in between...
You are so right. In the course of my copy&paste work of art, I
reassigned pkey with... guess what? The certificate's publ
Hello Christopher,
--On Mai 10, 2007 11:29:25 +0200 Christopher Kunz
<[EMAIL PROTECTED]> wrote:
I have isolated the problem to the private key that seems to be
incorrectly generated.
[...]
-BEGIN RSA PRIVATE KEY-
MIGKAgEAAoGBAJHprxsQfCcjF85LdJfDfSuudh/TuLCoLWgSTBnLJ8e98RmchH0Q
frS
Hello,
I have isolated the problem to the private key that seems to be
incorrectly generated. When I take my self-created certificate and my
self-created RSA key and try to convert them to PKCS#12, the following
error occurs:
[EMAIL PROTECTED] kunz]$ openssl pkcs12 -export -in testcert.pem -inkey
On Wed, May 09, 2007, Christopher Kunz wrote:
> Dr. Stephen Henson schrieb:
> > Hmmm that error shouldn't be encountered when you load a certificate. It
> > suggests that you have an RSA private key but that it is in an invalid
> > format.
> >
> I forgot to mention that openssl x509 -text -noo
Dr. Stephen Henson schrieb:
> Hmmm that error shouldn't be encountered when you load a certificate. It
> suggests that you have an RSA private key but that it is in an invalid format.
>
I forgot to mention that openssl x509 -text -noout -in mycertchain.pem
does produce valid output, and seems to
On Wed, May 09, 2007, Christopher Kunz wrote:
> I wrote an extremely simple program to check what might be wrong with
> the certificate stack and this seems to be the problem:
>
> 15939:error:0D078079:asn1 encoding routines:ASN1_ITEM_EX_D2I:field
> missing:tasn_dec.c:391:Field=d, Type=RSA
> 15939:
Hi,
I am using the examples from the O'Reilly book "Network Security with
OpenSSL" (X.509 section) to create a CSR, push a custom extension into
it and sign that CSR with a given private key. This - in general - works
OK, but when I want to use the resulting certificate chain (I have the
signing c
Hello,
Thank you, it works like a charm.
Just have to solve the date problem, now.
- Emmanuel
Marek Marcola wrote:
> Hello,
>
>
>>In the issuer and subject fields, I must include a dnQualifierwhich is
>>a thumbprint of the corresponding public key, that is to say a SHA-1
>>hash of t
Hello,
> In the issuer and subject fields, I must include a dnQualifierwhich is
> a thumbprint of the corresponding public key, that is to say a SHA-1
> hash of the contents of the SubjectPublicKey BIT STRING in the
> SubjectPublicKeyInfo field (excluding the DER tag, length, and number o
Hello,
I have to create a certificate which is a constrained form of a X.509
certificate. I am writing an OpenSSL conf file for that. I would
appreciate some help on the few following points as I am not used to use
OpenSSL:
The validity dates should be UTCTime (2 digit years) through the year
204
Hello,
i have the requirement to embed a custom extension in a X.509 certificate. This
extension should carry
role information about the role of the certificate owner.
A single role should be expressed with a IA5String value like "User". It must
be possible
for a user to have multiple roles lik
Hi,
Check the openssl.cnf file. See nsComment in there.
Amit.
Frank Luedke wrote:
>
> How can I change the comment in a custom certificate? I am using
> Apache 1.3.9 with OpenSSL 0.9.5 and generated a few custom
> certificates. Unfortunately I haven't found out how I
13 matches
Mail list logo
