On Wed, Sep 27, 2006, Antonio A wrote:

> dear Dr. Stephen,
> thanks again for your help )
>
> i am using the following code (C++ & Qt) to create
> certificate policies extension:
>
> x509v3ext GenExtDB::getCertPol()
> {
> x509v3ext ext;
> //#if 0
> if (!certPol->text().isEmpty()) {
> ext.create(NID_certificate_policies,
> certPol->text(), &ext_ctx);
> }
> //#endif
> return ext;
> }
>
>
> x509v3ext &x509v3ext::create(int nid, const QString
> &et, X509V3_CTX *ctx)
> {
> if (ext) {
> X509_EXTENSION_free(ext);
> ext = NULL;
> }
> if (!et.isEmpty()) {
> ext = X509V3_EXT_conf_nid(NULL, ctx, nid, (char
> *)et.latin1());
> }
> if (!ext) ext = X509_EXTENSION_new();
> return *this;
> }
>
> when i put 1.2.3.4 (OID) in certPol->text() i always
> get the following error:
>
> error:2206B088:X509 V3 routines:X509V3_EXT_conf:no
> config database
>
> could you give some hint to find out what is wrong?
>
>


You need a configuration database set up for this referenced through the v3 ctx
structure. There are various ways to do this mentioned in doc/openssl.txt and
the source to the various utilities.

In this particular case an empty database will do because it isn't used
with the configuration string being passed.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org