[gnutls-help] Email Protection Key

Nikos Mavrogiannopoulos nmav at gnutls.org
Fri May 5 14:25:17 CEST 2017


It seems you have found a bug. That option although documented was not
implemented. You can work around that by using:
key_purpose_oid = 1.3.6.1.5.5.7.3.4

regards,
Nikos

On Thu, May 4, 2017 at 7:45 PM, Yan Fiz <yanfiz at gmail.com> wrote:
> I get "Warning: skipping unknown option 'email_protection_key'" error while
> use 'email_protection_key' purpose that in mentioned
> http://gnutls.org/manual/html_node/certtool-Invocation.html.
>
> certtool 3.5.11
>
> Example ;
>
> $ cat authority.cfg
> cn=Authority
> ca
> path_len=0
> cert_signing_key
> crl_signing_key
> expiration_days=365
>
> $ cat user.cfg
> cn=User
> signing_key
> non_repudiation
> encryption_key
> email_protection_key
> expiration_days=365
>
> $ certtool --generate-privkey --rsa --bits 2048 --outfile authority.p8
> $ certtool --generate-privkey --rsa --bits 2048 --outfile user.p8
> $ certtool --generate-self-signed --hash sha512 --load-privkey authority.p8
> --outfile authority.crt --template authority.cfg
> $ certtool --generate-request --hash sha512 --load-privkey user.p8 --outfile
> user.p10 --template user.cfg
> Warning: skipping unknown option 'email_protection_key'
>
> _______________________________________________
> Gnutls-help mailing list
> Gnutls-help at lists.gnutls.org
> http://lists.gnupg.org/mailman/listinfo/gnutls-help



More information about the Gnutls-help mailing list