Dear Dr. Stephen,
thanks for your answer )

i am using OpenSSL 0.9.7 API to generate a
certificate, so i would like to know if i have to edit
openssl config file in order to use the certificate
policies estension.

i appreciate all help you could give me.

best regards.

antonio araujo



--- "Dr. Stephen Henson"
escribi=F3:

> On Tue, Sep 26, 2006, Antonio A wrote:
>=20
> > dear Marco,
> >=20
> > how could i insert certificate policies in a
> > certificate? using openssl 0.9.7=20
> >=20
> > like your certificate=20
> >=20
> > ...
> >=20
> > X509v3 Certificate Policies:=20
> > Policy: 2.16.840.1.113733.1.7.1.1
> > CPS:

> https://www.verisign.com/CPS
> > User Notice:
> > Organization: VeriSign, Inc.
> > Number: 1
> > Explicit Text: VeriSign's CPS
> > incorp. by reference liab. ltd. (c)97 VeriSign
> > ...
> >=20

>=20
> I'm not Marco but I can answer that :-)
>=20
> You need to edit the config file to add the
> appropriate extension. See the
> fine manual at:
>=20
> http://www.openssl.org/docs/apps/x509v3_config.html
>=20
> although the "bleeding edge" 0.9.9 docs are on the
> website the options for
> certificate policies are unchanged since 0.9.7. The
> other manual pages
> describe which section of the config file to change.
>=20
> Steve.
> --
> Dr Stephen N. Henson. Email, S/MIME and PGP keys:
> see homepage
> OpenSSL project core developer and freelance
> consultant.
> Funding needed! Details on homepage.
> Homepage: http://www.drh-consultancy.demon.co.uk
>

__________________________________________________ ____________________
> OpenSSL Project =20
> http://www.openssl.org
> User Support Mailing List =20
> openssl-users@openssl.org
> Automated List Manager =20
> majordomo@openssl.org
>=20



__________________________________________________
Correo Yahoo!
Espacio para todos tus mensajes, antivirus y antispam =A1gratis!=20
Reg=EDstrate ya - http://correo.espanol.yahoo.com/=20
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org