R: CSR with only public key
Francesco Petruzzi
francesco.petruzzi at innovery.net
Thu Sep 12 08:41:24 UTC 2019
Sign request with a fake private key and hope the client do not require signature verification.
Regards
Francesco Petruzzi
Da: openssl-users [mailto:openssl-users-bounces at openssl.org] Per conto di Paul Yang via openssl-users
Inviato: giovedì 12 settembre 2019 09:51
A: Bharathi Prasad
Cc: Openssl Users
Oggetto: Re: CSR with only public key
How could you create the CSR with only public key?
On Sep 12, 2019, at 3:50 PM, Bharathi Prasad <barati.j.prasad at gmail.com<mailto:barati.j.prasad at gmail.com>> wrote:
Hi,
I have the public key of the client but not the private key. I am required
to generate a CSR with only public key. I understand private key is required
for Proof of Possession. However, as per my requirement I am supposed to
create CSR only with public key and my CA would create a certificate.
I was able to create a CSR with CX509CertificateRequestCertificate and
CX509Enrollment classes using the available public key. When I try to read
the contents the of CSR in openssl (i used this command: openssl req -in
client.csr -noout -text) i get "unable to load X509 request".
Is this happening because the CSR does not contain the signature of private
key or the CSR is faulty.
Kindly help me.
Regards,
Bharathi
--
Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html
Regards,
Paul Yang
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190912/aefd8cb2/attachment.html>
More information about the openssl-users
mailing list