[gnutls-help] Generating multi-layer certificates
jmiscaro at gmail.com
Sat Oct 19 16:55:33 CEST 2013
On 17 October 2013 19:30, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
> On 10/16/2013 05:49 PM, Juan Miscaro wrote:
> > On 16 October 2013 16:25, Daniel Kahn Gillmor <dkg at fifthhorseman.net>
> >> On 10/16/2013 03:05 PM, Juan Miscaro wrote:
> >>> Thank you sir but I don't see the --pubkey-info option in the certtool
> >> man
> >>> page.
> >> what version of gnutls are you using? you can find the answer with
> >> "certtool --version"
> >> the above examples were tested with 3.2.4.
> > My Debian research system has but only 2.12.14. I have access to a more
> > modern chassis but it still has only 2.12.23 .
> if you're using a version from the 2.12 branch, then you'll want to
> create certificate requests for the intermediate ca and the end entity
> instead of explicitly extracting their public keys. you can do this
> with (for example, you can sort out the other options:
> certtool --load-privkey intermediate-ca.key \
> --generate-request > intermediate-ca.crq
> and answer the various questions.
> then, when doing the --generate-certificate command to make the
> intermediate CA's cert, instead of:
> --load-pubkey intermediate-ca.pubkey
> you should use:
> --load-request intermediate-ca.crq
> follow the same pattern for the end entity.
> make sense?
Indeed it does! Thank you for your time.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-help