On Wed, Jan 22, 2014, wizzbert wrote: > > Below is my call stack. Using this, I get a lot of extra information in the > CSR that is not needed, below the call stack. I think the "extra" data is > actually incorrect and I do not need it as part of the CSR. Is there a way I > can just cut off this extra data? (Remember in code so no command line > interaction). > [snip] > > >>>Extra items in the CSR that I do not want/need>>>> > Field Type: prime-field > Prime: > 00:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff: > ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff: > ff:ff:fe:ff:ff:ff:ff:00:00:00:00:00:00:00:00: > ff:ff:ff:ff [snip]
You need to set the EC_KEY to use the named curve option which isn't the default. You can do that with: EC_KEY_set_asn1_flag(eckey, OPENSSL_EC_NAMED_CURVE); Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
