8 Jan
2013
8 Jan
'13
11:22 p.m.
On 01/08/2013 05:07 PM, Gordon Messmer wrote:
On 01/08/2013 11:49 AM, Robert Moskowitz wrote:
Why was this chosen? Why is not -extensions v3_req used in the certificate creation?
Because it has to be able to sign itself?
No. A self-signed cert need not and actually SHOULD not be a CA cert according to PKIX standards.
CA is for signing other certs.