Closed IvarsAkmentins closed 3 years ago
For now, i got it working this way:
5.a. signed with csca using dgc-cli dgc signing sign -c ../csca/pub.pem -k ../csca/key-unenc.pem -i .\doc-cert.pem -o csca-signed.p7b
5.b. exported from csca-signed.p7b
.cer file and converted to PEM using openssl x509 -in .\csca-signed.cer -inform DER -outform PEM -out csca-signed.pem
dgc signing sign -c ../upl/pub.pem -k ../upl/key-unenc.pem -i .\csca-signed.pem -o upl-signed.p7b
Hi @IvarsAkmentins Do you by any chance have all steps required prior to step 5? ie: Generate the DSC Key and Cert.
Hi @psavva Locally I did with these steps
openssl req -x509 -new -days 730 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -extensions ext -keyout privkey.pem -nodes -out pub.pem -config config.conf
dgc ta sign -c ../trust-anchor-cert.pem -k ../trust-key-unenc.pem -i ./pub.pem
openssl req -x509 -new -days 730 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -extensions ext -keyout privkey.pem -nodes -out pub.pem -config config.conf
openssl pkcs12 -export -out my_cert.pfx -inkey ..\csca\privkey.pem -in ..\csca\pub.pem -certfile .\pub.pem
Hope this helps.
Thank you very much, It looks i'm doing this right :) I am still not able to validate my certificate for Cyprus.
Carrying on with debugging
Closing this - if it is not yet resolved, please comment and I will reopen
Hi,
I am trying to run locally DGC Gateway. And for testing, I am stuck on part 5 and 6
on part 5 I tried using
dgc-cli
withdgc signing sign
, but I can't use generated file to sign with upload certificate.Can you please provide example on how to create valid certificate to use for
/signerCertificate
?Thank you in advance.