I have two questions on generating certificates using OpenSSL: 1) I must generate client certificates with a subjectUniqueIdentifier field. I know it's been deprecated by the IETF, but the project I am working on requires its presence. I can set it to any value, as long as I set it to something. How can I configure OpenSSL to generate this field? 2) Everything must be DER encoded. I can get a certificate in DER format once the cert is signed. Unfortunatly, in order to get the cert signed, the private key must be in PEM format. Can I convert the PEM formatted private key to DER? If not, how can I sign certificates with a DER formatted private key? All help is appreciated!! Scott Barman -- Scott Barman Mitretek Systems, Inc. [EMAIL PROTECTED] 7525 Colshire Drive, Mail Stop Z580 (703)610-1794 McLean, Virginia 22102 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
