"Hellan,Kim KHE" wrote:
>
> Hi
>
> I'm trying to make a CA signed certificate. I already have composed/loaded
> all of the following "parts" for the certificate:
>
> EVP_PKEY* pCAKey; /* CA private key */
> X509* pCACert; /* CA root certificate */
> X509_NAME* pX509Subject; /* Certificate subject */
> EVP_PKEY* pPubKey; /* Certificate public key */
> STACK_OF(X509_EXTENSION)* pExtensions; /* X509v3 extensions */
> unsigned long ulNoDaysValid; /* Valid_from is the current time */
> unsigned long ulCertSerialNo;
>
> Now I "just" need to combine all this into a certificate. I have looked at
> the CA/X509 apps, but its a bit confusing since they contain a lot of code
> that I don't really need, since I have all the "parts" ready and I don't use
> a config file. I also looked at the X509_Certify() function, but it has so
> many arguments and some of them I don't event know what are.
>
> I would really appreciate if someone could help me how to get the last bit
> of the way, composing and signing the certificate.
> Any hints are welcome!
>
There's a simpler example in demos/selfsign.c . This creates self signed
certificates but its easy enough to adapt.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
