RE: what it is X509_STORE ?

[sarym binome]

hello
i thank you very much sir,
 i'v other question , where i
put the  name of signature algorithm which i use it to sign a
certificate , cause in my config file i put only the MD5 function (but
it is a hash function and i can't use it to sign, am i wrong??)
in my sslcreat.pl
# create request config file (look please the bold underlined ligne )
sub create_ca_config_file {

    my ($file) = @_;

    open TMP, ">$file";
    print TMP "[ ca ]\n";
    print TMP "default_ca = CA_default\n";
    print TMP "[ CA_default ]\n";
    print TMP "dir = $ARAN_CA_DIR\n";
    print TMP "database = \$dir/index.txt\n";
    print TMP "new_certs_dir = \$dir/newcerts\n";
    print TMP "certificate = \$dir/cacert.pem\n";
    print TMP "serial = \$dir/serial\n";
    print TMP "private_key = \$dir/private/cakey.pem\n";
    print TMP "RANDFILE = \$dir/private/.rand\n";
    print TMP "\n";
    print TMP "default_days = $ARAN_CA_DAYS\n";
    print TMP "default_crl_days = 30\n";
    print TMP "default_md = md5\n";
    print TMP "\n";
    print TMP "policy = policy_any\n";
    print TMP "\n";
    print TMP "[ policy_any ]\n";
    print TMP "countryName = optional\n";
    print TMP "stateOrProvinceName = optional\n";
    print TMP "organizationName = optional\n";
    print TMP "organizationalUnitName = optional\n";
    print TMP "commonName = supplied\n";
    print TMP "emailAddress = optional\n";
    print TMP "\n";
    print TMP "[ req ]\n";
    print TMP "default_bits = 1024\n";
    print TMP "distinguished_name = req_distinguished_name\n";
    print TMP "prompt = no\n";
    print TMP "\n";
    print TMP "[ req_distinguished_name ]\n";
    print TMP "CN = ARAN CA\n";
    print TMP "\n";
    close TMP;

}

best regards



> Date: Tue, 24 Feb 2009 08:34:54 +0100
> Subject: Re: what it is X509_STORE ?
> From: toondel...@gmail.com
> To: openssl-users@openssl.org
> 
> It is a certificate memory store where you should put your
> certificates (CA, root etc..) of your trusted path that are needed by
> your application for signature verifycation. Thjis is also the place
> you will put your CRL.
> 
> Have a look at X509_STORE _xxx and  X509_load_xxx. functions. You
> might also consider using PEM_read_xxx fnuctions for your signing
> certificate.
> 
> regards
> 
> Emmanuel
> 
> 2009/2/24 sarym binome <binome_...@hotmail.com>:
> > hello
> > i try create a X509 certificate for a CA and certificates signed by the CA ,
> > and i want to check it (verify it) , somebody tell me what it is X509_STORE
> > ?
> > thanks.
> >
> > ________________________________
> > Tous vos amis discutent sur Messenger, et vous ? Téléchargez Messenger,
> > c'est gratuit !
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org

_________________________________________________________________
Découvrez toutes les possibilités de communication avec vos proches
http://www.microsoft.com/windows/windowslive/default.aspx