[openssl-users] Converting Bin format to X509 format
Anirudh Raghunath
anirudhraghunath at rocketmail.com
Wed Jul 22 09:57:16 UTC 2015
Thanks for the quick response. I am currently working with smart cards and am using the engine provided by openSC to access the private key in the smart card. Long story short I have the EVP_PKEY object with me. Can I use this to sign a certificate or some file which can be used for SSL client verification.
Merci
On Wednesday, 22 July 2015 11:52 AM, Erwann Abalea <erwann.abalea at opentrust.com> wrote:
Bonjour,
An X.509 certificate is:
Certificate ::= SEQUENCE { tbsCertificate TBSCertificate, signatureAlgorithm AlgorithmIdentifier, signatureValue BIT STRING }
What you produced with « openssl rsautl -sign » is the content of the « signatureValue » element (not its BIT STRING structure, only the inner content).What is missing is all the rest, and it can’t be produced by the sole « openssl x509 … » command.
Please refine your question.
Cordialement,Erwann Abalea
Le 22 juil. 2015 à 11:17, Anirudh Raghunath <anirudhraghunath at rocketmail.com> a écrit :
Hello,
I have used rsault -sign option to sign a text file which gives me a binary file. I would like to convert this to X509 so that I can use it in a ssl handshake. I understand the command:
openssl x509 -inform <format> -in <certfile> -out <cert.pem>
is used. I want to know what the parameters would be for a binary input file.
Thanks in advance. _______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150722/9f538bec/attachment.html>
More information about the openssl-users
mailing list