X509 CSR signed with card key

Dubravszky József mail at joed.hu
Mon Feb 23 00:33:57 CET 2015


Hello,

 

I was not able to find a solution in the archives, so I post it here.

 

I need to generate X509 Certificate Signing Requests for one of my GnuPG
subkeys stored on an OpenPGP card. Now I need a mediator tool (openpgp2ssh
from The Monkeysphere Project) to convert my private key to PEM format that
can be used to make CSR with OpenSSL. It is rather tedious and I need to use
a special separated environment to access private keys. 

Is there any way to create an X509 CSR signed with the private key stored on
the card? Or any means where OpenSSL creates the CSR and asks the card to
sign the request with the card key?

 

I know these are different worlds, but I need to make them meet somehow.

 

Thanks.

 

 

Dubravszky József

 <mailto:mail at joed.hu> mail at joed.hu

+36 30 435 7816

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20150223/d9355000/attachment.html>


More information about the Gnupg-users mailing list