PKCS#10 CSR generation and bulky crypto library - Re: Questions about legacy apps/req.c code
Jordan Brown
openssl at jordan.maileater.net
Thu Dec 23 01:14:54 UTC 2021
On 12/22/2021 1:33 PM, Philip Prindeville wrote:
> Should supporting openssl.cnf be part of the library API, or
> externally handled in the command-line utility where it then passes in
> the values extracted from that file?
I don't know how openssl.cnf factors into CSR creation with existing
tools. The implementation that I did was entirely controlled by the
application and did not involve openssl.cnf.
I don't have an opinion on whether there should be a convenient way to
draw values from openssl.cnf into a CSR. I would certainly start with
generating the CSR entirely from API calls, since that's the more
general case.
--
Jordan Brown, Oracle ZFS Storage Appliance, Oracle Solaris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20211223/93f4743c/attachment.htm>
More information about the openssl-users
mailing list