Thanks for your detailed answer!
The problem is the root cause of the multi-threaded operation.
When I use a mutex in the signature and verifying it can work.
--
View this message in context:
On 28/11/13 15:14, Erwann Abalea wrote:
How nice, they're asking for a self-signed certificate to include a
specific EKU to indicate it's a Trust Anchor, and the OID used for this
has never been allocated. Crazy.
It's crazier than that. RFC5906 seems to think it can put a string into
the EKU
Dear OpenSSL Team,
Do you have some installation guide/Deployment guide for this product to do a
Private CA server. And how to do a CSR / CRL / Revoke Cert.
Best regards,
Charnchai Sathianpattaratane
Senior Pre-sales Engineer
Enterprise Systems
The Value
Sample abstract code, you should see this extension in your x509 when you
use the openssl x509 -in mycsr -text
You have to register an OID, I just picked one at random.
os =ASN1_OCTET_STRING_new();
nid = OBJ_create(1.3.18.0.2.10.8, myalias, myaliasname);
On Thu, Nov 28, 2013, Erwann Abalea wrote:
How nice, they're asking for a self-signed certificate to include a
specific EKU to indicate it's a Trust Anchor, and the OID used for
this has never been allocated. Crazy.
I just looked at OpenSSL's objects.txt database, and found some OIDs
that
Le 28/11/2013 22:18, Rob Stradling a écrit :
On 28/11/13 15:14, Erwann Abalea wrote:
How nice, they're asking for a self-signed certificate to include a
specific EKU to indicate it's a Trust Anchor, and the OID used for this
has never been allocated. Crazy.
It's crazier than that. RFC5906
Le 29/11/2013 16:25, Dr. Stephen Henson a écrit :
On Thu, Nov 28, 2013, Erwann Abalea wrote:
How nice, they're asking for a self-signed certificate to include a
specific EKU to indicate it's a Trust Anchor, and the OID used for
this has never been allocated. Crazy.
I just looked at OpenSSL's
Le 29/11/2013 17:53, Erwann Abalea a écrit :
Le 29/11/2013 16:25, Dr. Stephen Henson a écrit :
Changing OIDs in the table is problematical. If anything uses them it could
break them in all sorts of ways. The NID_* entries would change and text based
lookup would no longer work.
The reference
On Fri, Nov 29, 2013, Erwann Abalea wrote:
Le 29/11/2013 17:53, Erwann Abalea a écrit :
Le 29/11/2013 16:25, Dr. Stephen Henson a écrit :
Changing OIDs in the table is problematical. If anything uses them it could
break them in all sorts of ways. The NID_* entries would change and text