From: Martin P. <cmp...@iz...> - 2011-06-17 09:56:33
|
Hi, the cmpforopenssl tool is not much more than a very simple proof-of-concept for utilizing the library's API. It is certainly possible to add the new option. Please consider to give your enhancements back to the project - preferably as bug report on Sourceforge. We'll then test and integrate it. Kind regards, Martin On Mon, Jun 13, 2011 at 5:45 PM, ABULIUS, MUGUR (MUGUR) <mug...@al...> wrote: > Hello, > This topic concerns the option “—cacert FILE’ of “cmpforopenssl” tool in > case of a initial CMPv2 request sequence. > Our understanding is that this option is mandatory and that it specifies the > path to a client local CA certificate file corresponding to the signing CA. > Looking to the source files I have the feeling that the only usage of this > option with the initial CMPv2 request sequence is to provide the issuer's > name that will fill up the recipient field on the header of the request. I > didn't see any other usage of the CA file. > On my specific scenario I know the “issuer” name for the CA but I don’t have > the CA certificate on the client side before sending the ir (initial > request) to server. > My question is if it is possible to add a new option “—caname” or > "--recipient" (or similar) to specify the missing field (i.e. issuer). This > option could be VERY useful when the “—cacert” is unknown. > > Best Regards > Mugur > > > ------------------------------------------------------------------------------ > EditLive Enterprise is the world's most technically advanced content > authoring tool. Experience the power of Track Changes, Inline Image > Editing and ensure content is compliant with Accessibility Checking. > http://p.sf.net/sfu/ephox-dev2dev > _______________________________________________ > Cmpforopenssl-devel mailing list > Cmp...@li... > https://lists.sourceforge.net/lists/listinfo/cmpforopenssl-devel > > |