Thread: Create X.509 certificate - needed very much!

  1. #1
    Registered User
    Join Date
    Jan 2007

    Create X.509 certificate - needed very much!

    I have such a program to build:

    Write a program that creates a valid X.509 standard compliant root certificate on your name and issued by yourself (you can freely choose the values for other “meaningful fields”). You should use RSA algorithm for your public key and your digital signature and freely chose a message digest algorithm supported by X.509 standard (e.g. MD5 or SHA-1).

    I am searching througt the web for hours to find some libraries or some example code where I could get help in this task. I found a CML (Certificate Management Library) but I am not sure if there are things I need. There is no examples and I can't understand a bit of it. Could someone help me a bit by answering to some questions I can't figure out by myself:
    1) To create a certificate in this case means to create a "*.der" file which is formed in agreement with X.509 needs. Is it so?
    2) Where can I clearly see what information in what sequence and what amount is to be included in such certificate?
    3) How can I make such "*.der" file? I can imagine like that - creating some struct in C++ with needd fields and then trying to encode this struct in file. Is it so? If so, where can I find some tools to make such encoding? Or an information of how such encoding must be done?

    I am really desperate about getting to know all this about certificates and creating one. I really need to get done with it in a very short time. Can someone help?


  2. #2
    Registered User
    Join Date
    Jan 2007
    OK, I found some infromation and made a certificate - `*.cer` file! Now I have such a task:

    Write a program that verifies your certificate (since it is a root certificate, it is sufficient to check whether certificate issuer and subject are the same and whether a digital signature of the issuer matches the subject’s public key).

    So, I have a question - what does it mean to verify my certificate (my `*.cer` file)? I must look, if issuer and subjects fields in this file are the same? And what about this 2nd request - I must look, weather or not subject's public key matches what? The digital signature of what? Is that the signature coming along the certificate or what? I have mixed all up, I guess..

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Replies: 6
    Last Post: 04-09-2006, 04:32 PM
  2. Create a Window from _beginthread
    By matth in forum C++ Programming
    Replies: 0
    Last Post: 03-15-2006, 04:07 PM
  3. Button handler
    By Nephiroth in forum Windows Programming
    Replies: 8
    Last Post: 03-12-2006, 06:23 AM
  4. How to create a file association program?
    By eShain in forum Windows Programming
    Replies: 1
    Last Post: 03-06-2006, 12:15 PM
  5. Cannot create MDI Client Win
    By JaWiB in forum Windows Programming
    Replies: 1
    Last Post: 10-31-2005, 10:05 PM