Hello once again
Now I have the extension-patch [0] applied to the M2Crypto SVN branch
(revision 704). Creating a root and an subRoot CA certificate now works
great including the SKID/AKID extensions.
I am also able to verify those created certificates using:
$ openssl verify -CAfile rootCA.crt
Now I have this patch applied to the M2Crypto SVN branch
--
http://mail.python.org/mailman/listinfo/python-list
Matthias Güntert wrote:
M2Crypto has a couple of bugs open related that, with potential
workarounds that I haven't yet deemed polished enough to checkin, but
which might help you out:
https://bugzilla.osafoundation.org/show_bug.cgi?id=7530
https://bugzilla.osafoundation.org/show_bug.cgi?id=12151
> M2Crypto has a couple of bugs open related that, with potential
> workarounds that I haven't yet deemed polished enough to checkin, but
> which might help you out:
>
> https://bugzilla.osafoundation.org/show_bug.cgi?id=7530
> https://bugzilla.osafoundation.org/show_bug.cgi?id=12151
Thanks, that
Matthias Güntert wrote:
> I am trying to add the extensions "subjectKeyIdentifier" and
> "authorityKeyIdentifier" to a x509v3 certificate.
M2Crypto has a couple of bugs open related that, with potential
workarounds that I haven't yet deemed polished enough to checkin, but
which might help you out
Hello
I am trying to add the extensions "subjectKeyIdentifier" and
"authorityKeyIdentifier" to a x509v3 certificate.
Regarding rfc5280, section 4.2.1.2 the key identifier is composed of the
160-bit SHA-1 hash of the BIT STRING subjectPublicKey
http://tools.ietf.org/html/rfc5280#section-4.2.1.2
