Zach C. wrote: > I'm fully aware that I can currently generate the Root and Host certificates > without a problem in GnuTLS. The problem I'm having, though, is that I > *need* to be able to generate a certificate around the public key sent by > the iPhone and then sign that certificate with the root private key. I'm > wondering if that's possible in GnuTLS... I was considering doing a > gnutls_x509_privkey_import_rsa_raw and *only* setting the modulus and public > exponent (however I would get them), but I'm not sure if that would work or > if GnuTLS would throw an error out about it. And if it did it properly, > whether setting the new "private key" struct on a new certificate would do > what I'm describing here.
It could work but I'm not sure since it was never designed to be like this. The best way would be to try it and see if it works. As I see it the best way for this to work would be to have a gnutls_crq_import_key_raw() that would create a certificate request with these parameters and then you could create a certificate using this request. It is already in my todo list. regards, Nikos _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
