[gnutls-help] certtool and add_extension
Nicolas Mora
nicolas at babelouest.org
Fri Dec 6 15:57:00 CET 2019
Hello,
6 décembre 2019 04:54 "Nikos Mavrogiannopoulos" <nmav at gnutls.org> a écrit:
> You may want to check your gnutls version. This template option was
> added at 3.5.3.
>
Nevertheless, I use a Debian Buster with gnutls 3.6.7
Here is a gist with the script and template files I use for my demonstration:
https://gist.github.com/babelouest/0c5076462d52f8ecf7c33c9862681687
The log file output is attached, and more specifically, the client certificate output is:
Generating a signed certificate...
X.509 Certificate Information:
Version: 3
Serial Number (hex): 736c577633f2962c130569396e9c8532394975ea
Validity:
Not Before: Fri Dec 06 14:30:20 UTC 2019
Not After: Fri Nov 20 14:30:20 UTC 2020
Subject: C=CA,O=babelouest,OU=Authenticator Attestation,CN=glewlwyd_packed
Subject Public Key Algorithm: EC/ECDSA
Algorithm Security Level: High (256 bits)
Curve: SECP256R1
X:
3d:ca:36:10:58:e0:f0:49:cc:61:47:57:ac:ee:83:60
45:29:c2:23:ab:50:1f:00:50:1b:9e:8e:51:e4:e7:8d
Y:
58:e4:9c:5f:81:c0:dd:d7:44:8b:c9:a2:b4:04:48:16
d0:f1:86:46:d2:b5:2b:be:9b:f5:ce:76:af:3a:65:e7
Extensions:
Basic Constraints (critical):
Certificate Authority (CA): FALSE
Key Usage (critical):
Digital signature.
Subject Key Identifier (not critical):
945473da3bfe497d2b712dc3cef6e4a692be8b29
Authority Key Identifier (not critical):
6e245f7b8f84bb602631dc9b3a33af2fb58670f3
Other Information:
Public Key ID:
sha1:945473da3bfe497d2b712dc3cef6e4a692be8b29
sha256:9cccc45cc2996175ed3567a0033ef413309228d78b5364b8270ad962f14d49a0
Public Key PIN:
pin-sha256:nMzEXMKZYXXtNWegAz70EzCSKNeLU2S4JwrZYvFNSaA=
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: extension.log
URL: <https://lists.gnupg.org/pipermail/gnutls-help/attachments/20191206/5757c075/attachment.ksh>
More information about the Gnutls-help
mailing list