[Help-gnutls] Creating self-signed certicates using the GnuTLS APi

Alex Hudson home at alexhudson.com
Wed Jun 20 14:04:08 CEST 2007


I'm having trouble creating a self-signed certificate.

I've created the private key fine, and then attempt to do something

	gnutls_x509_crt_set_activation_time(certificate, time(NULL));
	gnutls_x509_crt_set_expiration_time(certificate, time(NULL) + (700 * 24
* 60 * 60));
	gnutls_x509_crt_set_key(certificate, key);
	gnutls_x509_crt_set_version(certificate, 1);
	gnutls_x509_crt_set_serial(certificate, &cert_version, sizeof(int));

... but with more error-checking. I then use
gnutls_x509_crt_set_dn_by_oid() to set some more data on the
certificate, and gnutls_x509_crt_set_key_usage(), but when I come to use
gnutls_x509_crt_export() I get:

	ASN1 parser: Value was not found.

It seems I'm doing something pretty basically wrong. I've tried
following what certtool does, but to be honest I got lost :D 

Am I doing something clearly wrong? Are there any plain examples I could
look at?

Many thanks,


More information about the Gnutls-help mailing list