On 10/16/2013 05:49 PM, Juan Miscaro wrote: > On 16 October 2013 16:25, Daniel Kahn Gillmor <[email protected]> wrote: > >> On 10/16/2013 03:05 PM, Juan Miscaro wrote: >> >> >>> Thank you sir but I don't see the --pubkey-info option in the certtool >> man >>> page. >> >> what version of gnutls are you using? you can find the answer with >> "certtool --version" >> >> the above examples were tested with 3.2.4. >> >> > My Debian research system has but only 2.12.14. I have access to a more > modern chassis but it still has only 2.12.23 .
if you're using a version from the 2.12 branch, then you'll want to
create certificate requests for the intermediate ca and the end entity
instead of explicitly extracting their public keys. you can do this
with (for example, you can sort out the other options:
certtool --load-privkey intermediate-ca.key \
--generate-request > intermediate-ca.crq
and answer the various questions.
then, when doing the --generate-certificate command to make the
intermediate CA's cert, instead of:
--load-pubkey intermediate-ca.pubkey
you should use:
--load-request intermediate-ca.crq
follow the same pattern for the end entity.
make sense?
--dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
