Discussion:
certificates
Amir Reda
2014-09-30 17:54:54 UTC
Permalink
dear all
hope all are well. i have made a client server code the server is the
certificate authority and the client send a certificate request the server
got the request and reply with a certificate i have tried to put the
certificate in a file in a pem format in order to make sure the certificate
has been created but nothing created. and there are no compilation error

please just try the code i can't see anything wrong with it please help

2- if i want to send the generated certificate to another client and make a
verification code for that how can i made something like that i have
searched in crypto
https://www.openssl.org/docs/crypto/x509.html#
but i couldn't find any function to do that

thx allot for help
--
Warmest regards and best wishes for a good health,*urs sincerely *
*mero*
Thulasi Goriparthi
2014-10-01 06:10:32 UTC
Permalink
Server shall use it's own private key to sign the cert req. Your code is
trying to use public key from the certificate request.

Use
*X509_sign(m_req_reply, m_pukey, EVP_md5()); *
instead of
*X509_sign(m_req_reply, pkey, EVP_md5());*

Your notation is little confusing. When an RSA structure is assigned to
EVP_PKEY structure, EVP_PKEY holds both public and private components. So,
naming it m_pukey is not justified.

In Client's SetCert function, where are you writing out the cert? out is
pointing to NULL.

Thanks,
Thulasi.
Post by Amir Reda
dear all
hope all are well. i have made a client server code the server is the
certificate authority and the client send a certificate request the server
got the request and reply with a certificate i have tried to put the
certificate in a file in a pem format in order to make sure the certificate
has been created but nothing created. and there are no compilation error
please just try the code i can't see anything wrong with it please help
2- if i want to send the generated certificate to another client and make
a verification code for that how can i made something like that i have
searched in crypto
https://www.openssl.org/docs/crypto/x509.html#
but i couldn't find any function to do that
thx allot for help
--
Warmest regards and best wishes for a good health,*urs sincerely *
*mero*
Amir Reda
2014-10-01 18:47:19 UTC
Permalink
thx allot sir for reply the problem has been solved i have modified the
code with the new one i attached

but the problem now the pem file is empty when i tried to open it with
gedit also it has 0 byte size

thx for help

On Wed, Oct 1, 2014 at 8:10 AM, Thulasi Goriparthi <
Post by Thulasi Goriparthi
Server shall use it's own private key to sign the cert req. Your code is
trying to use public key from the certificate request.
Use
*X509_sign(m_req_reply, m_pukey, EVP_md5()); *
instead of
*X509_sign(m_req_reply, pkey, EVP_md5());*
Your notation is little confusing. When an RSA structure is assigned to
EVP_PKEY structure, EVP_PKEY holds both public and private components. So,
naming it m_pukey is not justified.
In Client's SetCert function, where are you writing out the cert? out is
pointing to NULL.
Thanks,
Thulasi.
Post by Amir Reda
dear all
hope all are well. i have made a client server code the server is the
certificate authority and the client send a certificate request the server
got the request and reply with a certificate i have tried to put the
certificate in a file in a pem format in order to make sure the certificate
has been created but nothing created. and there are no compilation error
please just try the code i can't see anything wrong with it please help
2- if i want to send the generated certificate to another client and make
a verification code for that how can i made something like that i have
searched in crypto
https://www.openssl.org/docs/crypto/x509.html#
but i couldn't find any function to do that
thx allot for help
--
Warmest regards and best wishes for a good health,*urs sincerely *
*mero*
--
Warmest regards and best wishes for a good health,*urs sincerely *
*mero*
Loading...