PEM_read_PrivateKey does not return private key
Hi, I searched for this function on net and got lot of threads, but couldn't solve my problem. My problem is as follows.. I have generated a RSA key using OenSSL and stored it in a PEM file. When i try to read it using above function , the structure returned to me by PEM_read_PrivateKey is NULL( i mean it does not contain anything). Anybody having any idea about this issue?? I tried even the DER format, tried to convert it into binary format and read using d2i_RSA_PUBKEY, but no luck. Any help is highly appreciated. Thanks Regards Shalmi -- View this message in context: http://www.nabble.com/PEM_read_PrivateKey-does-not-return-private-key-tf4633115.html#a13230138 Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: PEM_read_PrivateKey does not return private key
Hi, I have a private CA certificate created using openssl command line. The issue is that the certificate expires on 19th Oct, 2007. The question is that Is it possible to extend the expiry of this certificate without changing any other fields in the certificate? Basically, I want to continue using this CA Cert to sign end-user certs for a longer time. Any help will be appreciated. Thanks.
Re: PEM_read_PrivateKey does not return private key
I have a private CA certificate created using openssl command line. The issue is that the certificate expires on 19th Oct, 2007. The question is that Is it possible to extend the expiry of this certificate without changing any other fields in the certificate? Basically, I want to continue using this CA Cert to sign end-user certs for a longer time. Any help will be appreciated. Thanks. Use the same key and the same DN and the cert will continue to act as a valid CA for any other certs you have signed. However, any site that has cached your CA cert will have to get the new one. Theirs will expire soon. Jim __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: PEM_read_PrivateKey does not return private key
On Wed, Oct 17, 2007 at 12:43:03PM -0700, Jim Fox wrote: I have a private CA certificate created using openssl command line. The issue is that the certificate expires on 19th Oct, 2007. The question is that Is it possible to extend the expiry of this certificate without changing any other fields in the certificate? Basically, I want to continue using this CA Cert to sign end-user certs for a longer time. Any help will be appreciated. Thanks. Use the same key and the same DN and the cert will continue to act as a valid CA for any other certs you have signed. Also the same serial number and authority identifier in v3 extensions if present in the expiring CA cert, for example: ... Serial Number: c5:30:80:16:44:78:d9:12 ... X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: F1:EF:77:42:18:C4:D6:E2:6D:1C:3D:A8:02:BE:E2:F3:E4:6E:50:40 X509v3 Authority Key Identifier: keyid:F1:EF:77:42:18:C4:D6:E2:6D:1C:3D:A8:02:BE:E2:F3:E4:6E:50:40 DirName:CA DN serial:C5:30:80:16:44:78:D9:12 ... If any of this information changes, certificates will fail verification. -- Viktor. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]