hi,
I'm sure we've discussed this before...but cant recall seeing a fix in behaviour
so chucking it back onto the RADAR for discussion/action (if I need to raise a bug
report than tell me on which repository ;-) )
currently, we are editing the certificate file when creating client.pem file so that it ONLY has
-----BEGIN CERTIFICATE-----
certificate data here
-----END CERTIFICATE------
rather than having any other content...which it will , by default, as commonly you get the
other text stuff present eg
Bag Attributes
localKeyID: A6 22 35 BD 00 1C 2B 20 DE A4 29 BD D0 E4 21 2E 2A 69 90 32
Key Attributes: <No Attributes>
etc etc.
a utility using SSL libraries should only care about the main stuff and ignore anything else
in the file, it would be nice/proper for libradsec to do so.
many thanks
alan
|