> kiyoshi> Is there any command that generates a cross certificate pair, or > kiyoshi> only the ASN.1 data structure? > > No. The certificate pair is basically only useful for storing in an > X.500 or LDAP directory, so I saw no use for saving it on file. Maybe > it would be useful still, either saved in PEM format, or perhaps in > ldif format...
Yes. The pair is used for the LDAP directory. Ldif file conversion is useful, but some other tool might have this feature already? In addition, I never see the cross certificate pair in PEM format. Usually see it in DER format. Sometimes the cross certificate pair are requested to provide to the LDAP directory operator of cross certification partners, just to make sure that what they stores matches what we generated. With Best Regards, -Kiyoshi Kiyoshi Watanabe ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
