On Wednesday 30 May 2007 15:28:17 Bruno Costacurta wrote: > On Friday 25 May 2007 09:54:22 [EMAIL PROTECTED] wrote: > > Bruno, > > > > A database line is structured as followed: > > > > 1. state of the cert (V=valid, R=revoked, E=expired where the state is > > not changes automatically if a cert expires) 2. end of validity > > 3. revocation time (empty when the cert ist not revoked) > > 4. serial number in hex > > 5. Where the cert can be found (only value is "unknown" today) > > 6. Name of certificate holder (normally the DN) > > > > Regards > > > > Thomas > > > > > -----Ursprüngliche Nachricht----- > > > Von: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED] Im Auftrag von Bruno > > > Costacurta > > > Gesendet: Donnerstag, 24. Mai 2007 17:30 > > > An: openssl-users@openssl.org > > > Betreff: Database file structure > > > > > > Dears, > > > > > > just for curiosity, > > > what are the structure & description of the database file > > > (often) called 'index' and which corresponds in fact to the > > > parameter 'database' in openssl.cnf ? > > > Please find a sample hereafter as it's mainly human readable. > > > > > > Thanks for any info. > > > Bye, > > > Bruno > > > > > > ... > > > V 100221212735Z 03 unknown /C=BE/ST=Brussels > > > Region/L=Brussels/O=Acme.org/CN=acer9100 radius > > > client/[EMAIL PROTECTED] > > > V 100523143810Z 04 unknown /C=BE/ST=Brussels > > > Region/L=Brussels/O=Acme.org/CN=pc34ghz.org/emailAddress=bruno > > > @Acme.org > > > V 100523144327Z 05 unknown /C=BE/ST=Brussels > > > Region/L=Brussels/O=Acme.org/CN=pc34ghz.org/emailAddress=bruno > > > @Acme.org > > > V 100523151137Z 06 unknown /C=BE/ST=Brussels > > > Region/L=Brussels/O=Acme.org/CN=Bruno > > > Acme/[EMAIL PROTECTED]/description=test only > > > V 100523151243Z 07 unknown /C=BE/ST=Brussels > > > Region/L=Brussels/O=Acme.org/CN=pc34ghz.org/emailAddress=bruno > > > @Acme.org/description=for > > > apache2 SSL server & client > > > ... > > > > > > -- > > > PGP key ID: 0x2e604d51 > > > Key : http://www.costacurta.org/keys/bruno_costacurta_pgp_key.html > > > Key fingerprint = 713F 7956 9441 7DEF 58ED 1951 7E07 569B 2E60 4D51 > > > -- > > > > Atos Origin GmbH, Theodor-Althoff-Str. 47, D-45133 Essen, Postfach 100 > > 123, D-45001 Essen Telefon: +49 201 4305 0, Fax: +49 201 4305 689095, > > www.atosorigin.de Dresdner Bank AG, Hamburg: Kto. 0954411200, BLZ 200 800 > > 00, Swift Code DRESDEFF200, IBAN DE69200800000954411200 Geschftsfhrer: > > Dominique Illien, Handelsregister Essen HRB 19354, Ust.-ID.-Nr.: > > DE147861238 > > ______________________________________________________________________ > > OpenSSL Project http://www.openssl.org > > User Support Mailing List openssl-users@openssl.org > > Automated List Manager [EMAIL PROTECTED] > > Thanks for details. > In fact, I expected to see the fingerprint of the certificate stored > somewhere in index.txt file (as CN is not a unique id within the CA). > Any reason not to store the fingerprint ? > > Thanks for attention. > Bruno
My here-before email was quite incorrect : indeed the serial number of the certificate allows of course a unique selection within the CA. Bye, Bruno -- PGP key ID: 0x2e604d51 Key : http://www.costacurta.org/keys/bruno_costacurta_pgp_key.html Key fingerprint = 713F 7956 9441 7DEF 58ED 1951 7E07 569B 2E60 4D51 --
pgpGogfT8lnVb.pgp
Description: PGP signature
