Hi,
In addition to the below queries we have one more query in our mind. Please help us in answering to all those. 1. Does OpenSSL support SHA-256 hash Algorithm before signing certificate? Regards ManasL From: Manas Ranjan Lenka Sent: 28 May 2012 18:41 To: '[email protected]' Subject: Clarification regarding extension supported in OpenSSL certificates. Hi, We are using openSSL command line tool for generating version 3 CA certificates as well IKE initiator/Responder certificates. We have the following doubts in our mind, Could you please clarify the same. 1. Does openSSL support version 3 certificate which is compliant to RFC 5280? 2. Does openSSL supports the following (Mandatory/Optional) extensions for CA Certificate as per section 6.1.4 of 3GPP spec TS 33.310. Mandatory: 1. key usage: keyCertSign and cRLSign. 2. basic constraints: CA=True, path length 0. Optional: 3. authority key identifier. 4. subject key identifier. Regards Manas Lenka
