Certificates generated using 3k/4k CSR generated with OpenSSL fails on Windows 2008R2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi All,

I am generating 1k/2k/3k/4k CSR's on our device using OpenSSL library. I am
generating these CSR on our device. We have windows 2008 R2 servers and I
am signing these CSR using certificate authority on windows server.  I am
 setting only client and server authentication bits in the CSR since these
are simple end entity certificates. Once certificates are generated , I am
 able to install the certificates on our device.

These certificates are working well with 802.1x (EAP-TLS) setup on the same
windows 2008 R2 server. However when I was trying to test IPsec with
certificate based authentication, authentication is failing.Enabling the
IPsec event viewer shows error in accepting the certificate and generates a
?invalid signature? message which looks to be generic. Failures are seen
only with 3k and 4k certificates.

Later I  refered to a link http://blog.gentilkiwi.com/tag/bag-attributes
added
 -LMK -CSP "xxx" -name options, certificate worked well. I wanted to know
is any one having similar experience with 3k and 4k ID certificates that
does not have these fields on windows system.

Any help is appreciated.

Regards
Jayalakshmi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160810/f755039f/attachment.html>


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux