[openssl-users] Converting Bin format to X509 format

Anirudh Raghunath anirudhraghunath at rocketmail.com
Wed Jul 22 09:57:16 UTC 2015

Thanks for the quick response. I am currently working with smart cards and am using the engine provided by openSC to access the private key in the smart card. Long story short I have the EVP_PKEY object with me. Can I use this to sign a certificate or some file which can be used for SSL client verification. 

     On Wednesday, 22 July 2015 11:52 AM, Erwann Abalea <erwann.abalea at opentrust.com> wrote:

An X.509 certificate is:
Certificate  ::=  SEQUENCE  {        tbsCertificate       TBSCertificate,        signatureAlgorithm   AlgorithmIdentifier,        signatureValue       BIT STRING  }
What you produced with « openssl rsautl -sign » is the content of the « signatureValue » element (not its BIT STRING structure, only the inner content).What is missing is all the rest, and it can’t be produced by the sole « openssl x509 … » command.
Please refine your question.
Cordialement,Erwann Abalea

Le 22 juil. 2015 à 11:17, Anirudh Raghunath <anirudhraghunath at rocketmail.com> a écrit :
I have used rsault -sign option to sign a text file which gives me a binary file. I would like to convert this to X509 so that I can use it in a ssl handshake. I understand the command:
openssl x509 -inform <format> -in <certfile> -out <cert.pem> 
is used. I want to know what the parameters would be for a binary input file.
Thanks in advance. _______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150722/9f538bec/attachment.html>

More information about the openssl-users mailing list