wgriffin wrote:
>
> I've been trying to create them, and I can create the request, as long as I
> don't sign it. I can also sign the request with the CA's DSA key and
> everything appears to work okay. When I use the x509 cl program to view the
> certificate with x509 -text -in endkeyx.out however, it segfaults trying to
> display the Subject Public Key Info. Are there any patches available that I
> could use to get this to work? Thanks in advance.
>
OpenSSL doesn't currently support DH certificates. Also although various
specs mandate their use (S/MIME v3 for example) I've yet to see an
example: if you have one let me know!
I think OpenSSL DH isn't quite the same as that used by PKIX. The
parameters and OIDs used are different.
DH certificate support is something I certainly intend to do at some
point but I can't say when at present.
Steve.
--
Dr Stephen N. Henson. UK based freelance Cryptographic Consultant.
For info see homepage at http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED]
NOTE NEW (13/12/98) PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
