[kmf-discuss] signing/verifying certificates with pktool(1)
Wyllys Ingersoll
wyllys.ingersoll at sun.com
Mon Jan 7 07:19:21 PST 2008
Jan Pechanec wrote:
> hi, it seems that pktool(1) doesn't export signing/verifying
> capabilities of certificates that is present in underlying API. With signing
> I mean to provide CSR and a cert/key reference (presumably one of CA) to use
> for signing with CA's private key. Is there any plan to add such support?
>
> thanks, Jan.
>
>
It was intentionally left out. Signing a CSR is really the job of a CA
and we are not prepared to go down that path. One can easily write a
small utility using KMF functions that will sign a CSR using a particular
private key and generate a certificate, though.
-Wyllys
More information about the kmf-discuss
mailing list