Hi all
First of all, thank you so much for the answers about JAVA-OpenSSL, those really were help full for me. In another time I will detail what I'm trying to do, even though JNI profiles like my solution.
This time my question is about to include in a X509_REQ a subfield which contain the serial number and de DN of the "installer", let me explain you a little bit:
My workteam is trying to install an application (client) oriented to get information of the PC's of our organization, the client is installed with the approval and authorization of an "installer (a human), which supplies his certificate and his private key (for auditing purpouse). After this, the installer program make a CSR and sign it with the installer private key and sends to the CA. The CA verifies the request and if it was signed by an "valid installer" then sign and issue the certificate and notifies to the installer program.
At this moment we have only one "installer" but in the future there will be a lot of them ..... I've been thinking that could be a good idea add in the CSR the serial number and the DN of the installer in order to the CA could search for the serial number and/or DN in the certs database.
I thought use REQ extensions but I don't know if this is possible and how to do this.
Thanks in advance for your replies
Zainos
Do You Yahoo!?
Yahoo! Net: La mejor conexión a internet y 25MB extra a tu correo por $100 al mes.
