Hi!
I'm trying to create a certificate using openssl library. Here is the
code --
void main () {
SSL_library_init();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
char err[1000];
RSA* keypair = RSA_new();
BIGNUM *e = BN_new();
X509 *certificate = X509_new();
EVP_PKEY *certkeypair = EVP_PKEY_new();
BN_set_word(e, 65537);
if (!RSA_generate_key_ex(keypair, 1024, e, NULL))
printf ("key generation failed");
BN_free(e);
e = NULL;
EVP_PKEY_assign_RSA(certkeypair,keypair);
X509_set_version (certificate , 3);
ASN1_INTEGER_set(X509_get_serialNumber(certificate), 1);
X509_NAME * certnames;
certnames = X509_get_subject_name(certificate);
X509_NAME_add_entry_by_txt(certnames, "C", MBSTRING_ASC, (unsigned
char *)"global", -1, -1, 0);
X509_NAME_add_entry_by_txt(certnames, "O", MBSTRING_ASC, (unsigned
char *)"BIGcoin", -1, -1, 0);
X509_NAME_add_entry_by_txt(certnames, "CN", MBSTRING_ASC, (unsigned
char *)"My IP", -1, -1, 0);
X509_set_issuer_name(certificate,certnames);
X509_gmtime_adj(X509_get_notBefore(certificate), -(24*60*60));
X509_gmtime_adj(X509_get_notAfter(certificate), (366*24*60*60));
X509_sign(certificate, certkeypair, EVP_sha512());
const SSL_METHOD* meth;
meth = TLSv1_method();
SSL_CTX* ctx;
ctx = SSL_CTX_new(meth);
SSL_CTX_use_certificate (ctx, certificate);
SSL_CTX_use_PrivateKey (ctx, certkeypair);
if (!SSL_CTX_check_private_key (ctx))
printf ("Signature could not be verified\n");
ERR_error_string(ERR_peek_last_error(), err);
printf ("Error is %s\n", err);
}
I cant get the created certificate to be verified. It always results in --
error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate
assigned
