[Nfd-dev] Using ndnsec to sign a certificate
Junxiao Shi
shijunxiao at email.arizona.edu
Thu Aug 3 01:41:13 PDT 2017
Hi Anthony
In my deployment I use 'ndnsec key-gen' instead of 'ndnsec-sign-req' to
make a key pair. See https://yoursunny.com/t/2016/ndncert/ for steps. They
are working for ndn-cxx installed from PPA.
If you are using git-master version, beware there are multiple bugs
affecting ndnsec, including https://redmine.named-data.net/issues/4085
https://redmine.named-data.net/issues/4157
https://redmine.named-data.net/issues/4204
https://redmine.named-data.net/issues/4202 .
You might be affected by one of these bugs. Watch the bug on Redmine to get
notified when it gets resolved, or help working on one if it's not yet
assigned.
Yours, Junxiao
On Tue, Aug 1, 2017 at 12:30 Anthony Dowling <dowlinah at clarkson.edu> wrote:
>
> I am working on using ndnsec to generate signed certificates to
> authenticate data, but for some reason I am having a lot of issues with it.
> I have a machine that requests a certificate, then another one acting as a
> "Certification Authority". For clarification, yes, I did transfer the file
> to the "CA" before using cert-gen. What is the issue here?
>
> machine requesting signature
> ------------------------------------------------
>
> pi at raspberrypi:~/sec $ ndnsec-sign-req /localhost/operator >
> unsigned_pi7.cert
>
>
>
> "CA"
> machine----------------------------------------------------------------
>
> tony at azrael:~/clarkson/research/ndn$ ndnsec cert-gen -N pi7 -I
> "192.168.42.7 'pi7'" -s /clarkson/azrael unsigned_pi7.cert
> ERROR: input error
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/nfd-dev/attachments/20170803/9a48191e/attachment.html>
More information about the Nfd-dev
mailing list