I want to generate a X509 v3 certificate using a CSR (RFC2986), but the RFC says PKCS10 (CSR) supports only v1. Can anyone tell me the difference?
Asked
Active
Viewed 1,701 times
1 Answers
5
The PKCS#10 version field does not refer to the version of the requested X.509 certificate.
The version field is used to describe the format of the subsequent ASN.1 object. A correct decoder should read the version first and then decodes the rest of the encoded object fields according to this value.
Current formats:
- X509 certificates version is 3
- PKCS#10 CSR version is 1
Jcs
- 13,279
- 5
- 53
- 70