I have created the CA certificate with OpenSSL commands and it is in a PEM file.
In my program I have created the RSA key pair and the CSR (X509_REQ type).
Now, how do I sign the CSR with the CA implementing it in C language?
Thanks.
Asked
Active
Viewed 150 times
0
-
1You have the CA private key as well, right? You're going to need it. That said, I think you're going to find [this answer](https://stackoverflow.com/questions/38949576/how-to-programmatically-create-a-certificate-signing-request-csr) *extremely* informative. – WhozCraig Aug 25 '22 at 20:11
-
Do you mean the private key generated as a previous step before the generation of the CA cert file? – Pepepotamo Aug 29 '22 at 18:32
-
I mean signing *anything* requires the private key of the *signer*. If you're generating a cert from the CSR you need the CA's private key to do it. II meant what I said, btw. The linked answer I provided is highly informative on multiple fronts, and probably shows exactly what you're looking for. Likewise [for this answer](https://stackoverflow.com/questions/256405/programmatically-create-x509-certificate-using-openssl). – WhozCraig Aug 29 '22 at 18:45
-
I think the initial link is what I need. Thanks a lot for your help! I have another question: before signing the certificate on generate_cert function, there is a call to a function named EVP_KEY_copy_parameters... is that actually needed since the "to" key of the function isn't used to sign the certificate? – Pepepotamo Aug 31 '22 at 19:47