On Fri, Jul 05, 2002, Justin Georgeson wrote: > I'm working on a project that needs SSL on a J2ME platform. There's an > implementation called kSSL, which I think is still alpha, so there's a > good chance that's %95 of the problem. We currently suspect this > implementation needs x509 v1 certificates, but OpenSSL seems to generate > v 3 certificates (note: that's the version of x509, not ssl). I don't > see anything about different versions of x509 in the man page for req. I > don't mind hearing that I can't do v1 with OpenSSL (but finding out how > would sure be nice). Thanks. >
If you comment out the relevant line in the config file (openssl.cnf) which specifies the extension section you should end up with a V1 certificate. By default these are: x509_extensions = usr_cert in the CA_default section (used by 'ca') and x509_extensions = v3_ca in the req section (used by 'req'). Steve. -- Dr. Stephen Henson [EMAIL PROTECTED] OpenSSL Project http://www.openssl.org/~steve/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
