[openssl-users] How to add CT Precertificate SCTs to a server certificate?

Salz, Rich rsalz at akamai.com
Mon Apr 20 13:57:47 UTC 2015


> How do we use `openssl req` and a CONF file to add the information
> (assuming we already have the certified timestamps)?

Ouch, that's gonna be nasty.  Look at ASN1_generate_nconf.pod  Most likely have to use the SEQUENCE type, recursively.  Ouch indeed.

A patch to let you specify the DER directly would be useful.

--  
Senior Architect, Akamai Technologies
IM: richsalz at jabber.at Twitter: RichSalz


More information about the openssl-users mailing list