How to get the Certificate Keyusage retire error ? (lCert-ex_kusage =0)
I am using openssl 0.9.8g version . i convert the PEM certificate file to X509 format and try to read the key usage value . Keyuage =lCertificate-ex_kusage ; Some time the keyusage = 128 Some time Keyusage is 0 for the same certificate . why this problem occurs ... -- View this message in context: http://old.nabble.com/How-to-get-the-Certificate-Keyusage-retire-error---%28lCert-%3Eex_kusage-%3D0%29-tp33556624p33556624.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: How to get the Certificate Keyusage retire error ? (lCert-ex_kusage =0)
On Wed, Apr 04, 2012, brajan wrote: I am using openssl 0.9.8g version . i convert the PEM certificate file to X509 format and try to read the key usage value . Keyuage =lCertificate-ex_kusage ; Some time the keyusage = 128 Some time Keyusage is 0 for the same certificate . why this problem occurs ... You need to ensure that that information is set up. Call X509_check_purpose(cert, -1, 0) first. An alternative way to decode any extension is to use: X509_get_ext_d2i(). Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: How to get the Certificate Keyusage retire error ? (lCert-ex_kusage =0)
On 04/04/2012 02:51 PM, brajan wrote: I am using openssl 0.9.8g version . i convert the PEM certificate file to X509 format and try to read the key usage value . Keyuage =lCertificate-ex_kusage ; Some time the keyusage = 128 Some time Keyusage is 0 for the same certificate . why this problem occurs ... the flags are set by one of functions in crypo/v3_purp.c try callX509_check_ca(lCertificate) before accessing __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org