
Programmatically input data in X509 Certificate using OpenSSL


I am trying to create an ECDSA certificate, but I would like to generate it programmatically. I am using OpenSSL and C programming.

When I generate a certificate from the command line, I am asked multiple questions whose answers are used in the certificate. I would like to know how to define these questions and input this data programmatically.

This is what I have found on the web, but I don't understand how to insert more information, or whether this really works:

X509 *x; 
x=X509_new(); 
X509_NAME *name = X509_get_subject_name(x); 
X509_set_version(x, 2); 
ASN1_INTEGER_set(X509_get_serialNumber(x), 3); 
X509_gmtime_adj(X509_get_notBefore(x), 0); 
X509_gmtime_adj(X509_get_notAfter(x), (long) 60 * 60 * 24 * 365); 
X509_set_pubkey(x, pk); 
X509_NAME_add_entry_by_txt(name, "C", MBSTRING_ASC, (const unsigned char*) "PT", -1, -1, 0); 

I realise the X509_NAME_add_entry_by_txt function supplies the answer for the country, but what does this "C" mean? How is this function composed? Can I put whatever I want in the place of "C" and in the place of "PT"?


Solution

  • The C is the standard way of denoting the country and PT is the correct selection for Portugal (see this list for other country options).

    You can use the X509_NAME_add_entry_by_txt function to set other values in the distinguished name, using the correct prefix:

    • C = country
    • ST = state
    • L = locality
    • O = organisation
    • OU = organisational unit
    • CN = common name

    Only the country field has a fixed range of choices.

    See also the example given on the manual page: http://www.openssl.org/docs/crypto/X509_NAME_add_entry_by_txt.html#EXAMPLES