I have two answers. 1. This is an OpenSSL question and should be directed to an OpenSSL forum
2. Browsers indeed have different key-generation methods but they do have one thing in common: the methods are completely useless, not even PIN protection is a part of the plot unless you use pre-configured hard tokens Anders ----- Original Message ----- From: tito To: [email protected] Sent: Friday, May 29, 2009 06:51 Subject: how to sign CRMF/SPKAC using openssl Hi , I am making a CA site for my college project purpose.I learned that different browsers use different methods to generate CSR.Making CSR in IE was easy.For vista systems I used CertEnroll.dll methods and for non-vista IE i used xenroll.dll.I generated CSR in javascript successfully using that. it is in PKCS10. I want to make my project compatible for mozilla and opera too i want to do the same for mozilla too but i guess mozilla method doesnt generate PKCS10 format Then i came across generateCRMF and keygen tags..keygen is not recommended i guess. how to sign the CRMF request key i get in openssl ? if i am using keygen tag, i think it gives SPKAC format..can we sign SPKAC using openssl ? i am able to generate CRMF and SPKAC..but doesnt know how to sign those in openssl.please help me in regard with this.. ..thanks a lot. -- dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto -- dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
