Generate X509 version 2 certificate

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Generate X509 version 2 certificate

Kalyan Kumar
Hi,

We are trying to qualify a feature which can consume ca signed certificate . Part of this we verified X509 v3 and v1 but unable to get the actual attributes for v2 creation.

Is this feasible in openssl and also whether standard supports ?

Thanks

Reply | Threaded
Open this post in threaded view
|

Re: Generate X509 version 2 certificate

Viktor Dukhovni
On Fri, Oct 04, 2019 at 07:28:20PM +0530, Kalyan Kumar wrote:

> We are trying to qualify a feature which can consume ca signed certificate
> . Part of this we verified X509 v3 and v1 but unable to get the actual
> attributes for v2 creation.
>
> Is this feasible in openssl and also whether standard supports ?

Nobody uses X.509v2 certificates.  In the context of X.509, the
successor of 1 is effectively 3, there is no "2".

    https://blogs.technet.microsoft.com/option_explicit/2012/04/09/pki-certificates-and-the-x-509-standard/

    Version 2 (ITU-T Recommendation X.509, Nov 1993 http://www.itu.int/rec/T-REC-X.509-199311-S)

        Version 2 of the X.509 certificate was very short-lived and
        rarely used.  In fact, the Internet Engineering Task Force
        (IETF) did not turn version 2 of the certificate into a RFC
        standard whatsoever. [...]

--
        Viktor.