Gurux gives error "Specified cast is not valid" upon certificate requests for server digital signature certificate

38 posts / 0 new
Last post
aoudumbarpawar
Gurux gives error "Specified cast is not valid" upon certificate requests for server digital signature certificate

Hii,
I am trying to generate the certificate request to the meter, but getting error "Specified cast is not valid" when getting response from meter.
Please go through the log and suggest.

Best Regards,
Aoudumbar Pawar

10:08:34
TX: 7E A0 1E 00 02 BA 69 61 76 5C 95 E6 E6 00 C3 01 C1 00 40 00 00 2B 00 01 FF 05 01 16 00 AC 24 7E
10:08:34
RX: 7E A1 9C 61 00 02 BA 69 96 B6 FD E6 E7 00 C7 01 C1 00 00 09 82 01 84 30 82 01 80 30 82 01 1D A0 03 02 01 02 02 03 5E 42 0F 30 0A 06 08 2A 86 48 CE 3D 04 03 02 30 51 31 1A 30 18 06 03 55 04 03 0C 11 54 53 33 44 4C 30 42 30 37 30 32 32 30 30 30 35 39 31 17 30 15 06 03 55 04 0A 0C 0E 41 6E 61 63 6C 65 20 53 79 73 74 65 6D 73 31 0D 30 0B 06 03 55 04 07 0C 04 50 75 6E 65 31 0B 30 09 06 03 55 04 06 13 02 49 4E 30 1E 17 0D 32 31 30 32 32 36 30 35 34 35 30 35 5A 17 0D 32 32 30 32 32 36 30 35 34 35 30 35 5A 30 1B 31 19 30 17 06 03 55 04 03 0C 10 33 33 34 34 34 63 30 37 30 32 32 30 30 30 35 39 30 59 30 13 06 07 2A 86 48 CE 3D 02 01 06 08 2A 86 48 CE 3D 03 01 07 03 42 00 04 14 D6 D2 EE 50 63 8D 0C D2 9E 77 F1 38 08 68 25 E1 FF 69 87 6C 64 63 8E D4 13 53 09 BA CC 4E A1 CB 09 E0 C2 9A 8E 26 6B 32 A4 0A 0C 84 2E 4E 68 A7 BF 2F 99 4F 47 9C BA 60 69 40 6E F3 4C 62 B3 A3 1A 30 18 30 09 06 03 55 1D 13 04 02 30 00 30 0B 06 03 55 1D 0F 04 04 03 02 07 80 30 0A 06 08 2A 86 48 CE 3D 04 03 02 03 51 00 30 4E 06 08 2A 86 48 CE 3D 04 03 02 02 20 2D C5 5E E6 65 65 24 48 68 6B 2D 65 AB 38 E8 8B F2 3B C1 63 BE 48 AD 4E C6 5B 34 03 EE 63 4C D1 02 20 01 69 F3 95 01 F0 35 3C D8 8E 0C C6 B1 AF 4B 1A 5A 6C 21 B3 FE F6 6D A9 23 69 4C 4B 22 57 42 80 7A 4D 7E

Kurumi
Kurumi's picture

Hi,

The certificate is not an PKCS #10 certificate as DLMS expects. This certificate is in another format. You need to ask the meter manufacturer to fix it.

BR,
Mikko

________________________________________
Mikko Kurunsaari
Gurux Ltd
http://www.gurux.fi

aoudumbarpawar

Hii,
Thanks you very much!!!

Please suggest any tool which can verify the PkCS#10 CSR generated and which shows errors in CSR generated

Best Regards,
Aoudumbar Pawar

aoudumbarpawar

Hii,
Can provide sample PKCS #10 CSR in pem format?

Best Regards,
Aoudumbar Pawar

Kurumi
Kurumi's picture

Hi,
-----BEGIN CERTIFICATE REQUEST-----
MIIBkjCCATcCAQAwgZcxCzAJBgNVBAYTAkZJMRIwEAYDVQQIDAlQaXJrYW5tYWExEDAOBgNVBAcMB1RhbXBlcmUxEjAQBgNVBAoMCUd1cnV4IEx0ZDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxGTAXBgNVBAMMEDMxMzIzMzM0MzUzNjM3MzgxHTAbBgkqhkiG9w0BCQEWDmd1cnV4QGd1cnV4LmZpMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIPjcmb64MjHZB+Dg2RlF4gguIIrnr4n4vOwvT8uxbg6SnH5Ld0XoGgF5ee13SLlVDlMm9VAxl78TEZFW3vPdeKA9MBgGCSqGSIb3DQEJBzELDAljaGFsbGVuY2UwIQYJKoZIhvcNAQkCMRQMEkd1cnV4IEx0ZCBvcHRpb25hbDAKBggqhkjOPQQDAgNJADBGAiEA29LNUmpCR84A7vy0LjNvM27MHkeKSvHiAo70Re+U6VACIQDG3irIVw6fYBZcotTAjrB7r7X2u7ePP2uw2RASBD7B5g==
-----END CERTIFICATE REQUEST-----

BR,
Mikko

________________________________________
Mikko Kurunsaari
Gurux Ltd
http://www.gurux.fi

aoudumbarpawar

Hii,
Thanks!!!

Now gurux gives error "Invalid Signature"

But i have verified the signature, which is valid.

Following is the log:

09:32:26
TX: 7E A0 1E 00 02 BA 69 61 54 4C 97 E6 E6 00 C3 01 C1 00 40 00 00 2B 00 01 FF 05 01 16 00 AC 24 7E
09:32:27
RX: 7E A0 F2 61 00 02 BA 69 74 B1 9A E6 E7 00 C7 01 C1 00 00 09 82 00 DA 30 82 00 D6 30 82 00 7B 02 01 00 30 1B 31 19 30 17 06 03 55 04 03 0C 10 33 33 34 34 34 63 30 37 30 32 32 30 30 30 35 39 30 59 30 13 06 07 2A 86 48 CE 3D 02 01 06 08 2A 86 48 CE 3D 03 01 07 03 42 00 04 49 98 C8 22 7C EF 5E 99 61 84 D7 E7 3F 4E AA 45 EC F3 BE C1 97 95 C8 BF D2 B9 C5 70 8D BC 98 A4 9B 8C 96 28 22 72 1D FB E8 5D C4 C3 B0 30 E6 86 86 85 86 7A 02 B0 F8 DE 60 F4 98 A4 64 1E B0 84 30 0A 06 08 2A 86 48 CE 3D 04 03 02 03 49 00 30 46 02 21 00 9C A7 2A 2D 6C 28 2B 49 54 85 9A FE B5 12 35 4B D4 97 29 F2 1D A4 6B 3D 8D AA CF BE 07 D8 69 5F 02 21 00 FD CC 5F 7F 4E 3E BB FE E0 66 D0 4B A2 F5 CE 81 A4 00 A0 09 71 A2 8F 14 38 F2 3C 15 36 CD F7 C2 CF A5 7E

Following is the signature verification process:
Data used to calculate SHA-256 (TBS Certificate info):
30 82 00 7B 02 01 00 30 1B 31 19 30 17 06 03 55 04 03 0C 10 33 33 34 34 34 63 30 37 30 32 32 30 30 30 35 39 30 59 30 13 06 07 2A 86 48 CE 3D 02 01 06 08 2A 86 48 CE 3D 03 01 07 03 42 00 04 49 98 C8 22 7C EF 5E 99 61 84 D7 E7 3F 4E AA 45 EC F3 BE C1 97 95 C8 BF D2 B9 C5 70 8D BC 98 A4 9B 8C 96 28 22 72 1D FB E8 5D C4 C3 B0 30 E6 86 86 85 86 7A 02 B0 F8 DE 60 F4 98 A4 64 1E B0 84

Result of SHA-256 of TBS info:
8B 64 60 0A 16 5E 08 27 E8 EC E8 80 BC 5B 96 BB E9 CE 74 E5 DC B1 38 F8 3D 7A B0 3C 69 06 F6 17

Inputs used to verify the signature:
1. SHA-256 above
2. Public key: (in the certificate info)
49 98 C8 22 7C EF 5E 99 61 84 D7 E7 3F 4E AA 45 EC F3 BE C1 97 95 C8 BF D2 B9 C5 70 8D BC 98 A4
9B 8C 96 28 22 72 1D FB E8 5D C4 C3 B0 30 E6 86 86 85 86 7A 02 B0 F8 DE 60 F4 98 A4 64 1E B0 84
3. Signature : (calculated over TBS cert info):
3A 6A 03 AF 7C D3 01 85 99 FF DE DB B2 A6 8E 7E C3 CD 24 1C 4A 0A 4E 0E 73 3E 6A 25 2C 4C B5 DA
86 68 00 72 EB 2D A5 89 05 EC 30 1B 0C 3E AF FD A8 41 AD 47 68 4A 27 08 01 1C 0B B1 5B 96 08 D6

Signature verification result: Valid

Also find the snap of signature verification.

Also can suggest which fields are mendatory and which fields are optional in tbscertificate.

Image: 
Kurumi
Kurumi's picture

Hi,

The signature must sign with Sha256WithEcdsa, not SHA-256.

BR,
Mikko

________________________________________
Mikko Kurunsaari
Gurux Ltd
http://www.gurux.fi

aoudumbarpawar

Hii,
Signature is signed with SHA256WithECDSA.

Best Regards,
Aoudumbar Pawar

aoudumbarpawar

Hii,
Congratulation for got an award!!!

Able to get CSR successfully but now when click on "Generate" button gurux throws an error of "Invalid Signature", please suggest what is going wrong.

Below is the log and snap is also attached:
22:55:42
TX: 7E A0 1E 00 02 BA 69 61 54 4C 97 E6 E6 00 C3 01 C1 00 40 00 00 2B 00 01 FF 05 01 16 00 AC 24 7E
22:55:43
RX: 7E A0 ED 61 00 02 BA 69 74 8C 36 E6 E7 00 C7 01 C1 00 00 09 82 00 D5 30 81 D2 30 7B 02 01 00 30 1B 31 19 30 17 06 03 55 04 03 0C 10 33 33 34 34 34 63 30 37 30 32 32 30 30 30 35 39 30 59 30 13 06 07 2A 86 48 CE 3D 02 01 06 08 2A 86 48 CE 3D 03 01 07 03 42 00 04 1A 70 B2 F0 85 6F 05 36 AC C6 77 D2 9E EE 4C 56 4E 97 6D 30 47 61 42 42 D4 8B DB 4F 1E 08 5C 98 40 85 6D 14 3A 1A FA 30 7B 94 BE 21 B7 F8 3F F2 40 B6 AA F7 BE A6 DF 34 B8 9D 97 ED C3 F5 89 17 30 0A 06 08 2A 86 48 CE 3D 04 03 02 03 47 00 30 44 02 20 25 F6 EB B0 42 93 95 48 02 F9 14 4D 80 E8 6F 91 EB EE 4C 27 18 FF D1 47 A5 FC 53 B1 16 C3 3C A4 02 20 85 67 B7 7F 12 FA 62 6A 08 CE 62 C3 EB 65 FA 03 4E C3 90 E8 13 6C AB 05 65 07 93 F1 DD 92 E5 B9 AC 11 7E

Image: 
aoudumbarpawar

Hii,
When i verified CSR generated using following Link then it shows valid signature:
Link : https://redkestrel.co.uk/products/decoder/

Regards,
Aoudumbar Pawar

Image: 
Kurumi
Kurumi's picture

Hi Aoudumbar,

This is updated and we are just testing this. You can use your certificate with the next version.
It's released this week as soon as tests are over.

BR,
Mikko

________________________________________
Mikko Kurunsaari
Gurux Ltd
http://www.gurux.fi

aoudumbarpawar

Hii,
Thanks!!!
Have you released the updated GuruxDirector?

Best Regards,
Aoudumbar Pawar

Kurumi
Kurumi's picture

Hi,

Not yet. Tests are still in progress. I believe that it's released at the end of this month.

BR,
Mikko

________________________________________
Mikko Kurunsaari
Gurux Ltd
http://www.gurux.fi

Kurumi
Kurumi's picture

Hi,

The new version is released where this is fixed.

BR,
Mikko

________________________________________
Mikko Kurunsaari
Gurux Ltd
http://www.gurux.fi

aoudumbarpawar

Hii,
Thank you very much!!!:)
it works , i am getting the digital signature certificate successfully.

Best Regards,
Aoudumbar Pawar

aoudumbarpawar

Hii,
Is the Gurux Root CA certificate changed?

verification of certificate signature using public key of Gurux root CA public key gets failed.

Best Regards,
Aoudumbar Pawar

aoudumbarpawar

Hii,
is last released guruxdirector has digital signing APDU?

Best Regards,
Aoudumbar Pawar

Kurumi
Kurumi's picture

Hi Aoudumbar,

Support for digital signing is not in that release.

BR,

Mikko

________________________________________
Mikko Kurunsaari
Gurux Ltd
http://www.gurux.fi

aoudumbarpawar

Hii,
Is the Gurux Root CA certificate changed?

verification of certificate signature using public key of Gurux root CA public key gets failed.

Best Regards,
Aoudumbar Pawar

Kurumi
Kurumi's picture

Hi Aoudumbar,

No, Are you using C# version? Can you send the failed certificate to me by email so I can check it?

BR,
Mikko

________________________________________
Mikko Kurunsaari
Gurux Ltd
http://www.gurux.fi

aoudumbarpawar

Hii,
On which email i have to send certificate?
anyway all certificates even client certificates signature verification getting failed while import the certificate.

Below are the certificates in PEM format:

GuruX CA certificate:
-----BEGIN CERTIFICATE-----
MIIBzjCCAXugAwIBAgIDCEUPMAoGCCqGSM49BAMCME4xFDASBgNVBAMMC1Jvb3QgQ0EgMjU2MRcwFQYDVQQKDA5HdXJ1eCBTZWN1cml0eTEQMA4GA1UEBwwHVGFtcGVyZTELMAkGA1UEBhMCRkkwHhcNMjEwMTAxMDAwMDAwWhcNNDAwMTAxMDAwMDAwWjBOMRQwEgYDVQQDDAtSb290IENBIDI1NjEXMBUGA1UECgwOR3VydXggU2VjdXJpdHkxEDAOBgNVBAcMB1RhbXBlcmUxCzAJBgNVBAYTAkZJMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEdCZnNDVxEFikQqjaEHchZZM1xyRtcDFcY/RH4Gyy9Teim6G1TOa2y4DJGhbwx5/UtJZwi5FAQ4cbgx3f4amIOqNIMEYwKQYDVR0OBCIEIBlGt4our0/g8DVWgsNweU7b2hIkbEY1S+QhpC17hfgdMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA0EAJH7ENQOwPV0oXkav3z3+gDRL0o/ump93drcacbRXDY84L1vcag1LETxMaxylaV73MUhWWugPpuDqBFkxV2PoLQ==
-----END CERTIFICATE-----

Client Digital signature certificate:
-----BEGIN CERTIFICATE-----
MIIBfTCCARqgAwIBAgIDQEYPMAoGCCqGSM49BAMCME4xFDASBgNVBAMMC1Jvb3QgQ0EgMjU2MRcwFQYDVQQKDA5HdXJ1eCBTZWN1cml0eTEQMA4GA1UEBwwHVGFtcGVyZTELMAkGA1UEBhMCRkkwHhcNMjEwNDEzMDkzMDUwWhcNMjIwNDEzMDkzMDUwWjAbMRkwFwYDVQQDDBAzMTMyMzMzNDM1MzYzNzM4MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESQ2XkJLyPW2CWEjoqv/M4p9ckOEktKE4vH6V3Ofiq7Bys8fLeDGbeLAwHu7cmbY8wz1S4F2JxkBRklRJEIp69aMaMBgwCQYDVR0TBAIwADALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDUQAwTgYIKoZIzj0EAwICIOcEJ7FEJkEYTKz05B4bo9eRoEQ6DKZC8+O14XYVvKvjAiD29RdBWfBbNpwYpqzmfw3Xi5AX9pYpCpvY9byjcILpMw==
-----END CERTIFICATE-----

Server Digital signature certificate:
-----BEGIN CERTIFICATE-----
MIIBfTCCARqgAwIBAgIDe0YPMAoGCCqGSM49BAMCME4xFDASBgNVBAMMC1Jvb3QgQ0EgMjU2MRcwFQYDVQQKDA5HdXJ1eCBTZWN1cml0eTEQMA4GA1UEBwwHVGFtcGVyZTELMAkGA1UEBhMCRkkwHhcNMjEwNDIyMDg0MzAzWhcNMjIwNDIyMDg0MzAyWjAbMRkwFwYDVQQDDBAzMzQ0NEMwNzAyMjAwMDU5MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEReGz0y8548QdgqjETvHEx3oEPXsQAN2nJa0KeSdmJYz/xgdmVD2NDaBMIQM0sdxK9aLYphUjLLqQ0aSt/FjPqaMaMBgwCQYDVR0TBAIwADALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDUQAwTgYIKoZIzj0EAwICIDO8kWt/+xZ3/uQXNS+/CKLAmXPBFCb2C9nRDUBW9SUaAiD6KcOQ9Q73hXfKH/a6hVzNl8954X5Qjhnqd6r75nUH3Q==
-----END CERTIFICATE-----

Best Regards,
Aoudumbar Pawar

Kurumi
Kurumi's picture

Hi Aoudumbar Pawar,

All certificates can be open and they look good. What is your GXDLMSDirector version?
What kind of error you are receiving?

BR,
Mikko

________________________________________
Mikko Kurunsaari
Gurux Ltd
http://www.gurux.fi

aoudumbarpawar

Hii,
Thanks!!!

Version is : 8.2.2104.2101

Actually no error from the GURUX, When i import the certificate in meter while debug the meter code verification of the signature of the certificate (certificate which is signed by gurux on success response against CSR request) which is received for import from client.

are you able to verify the signature of these certificates that i had sent to you using Gurux Root CA certificates public key?

Best Regards,
Aoudumbar Pawar

aoudumbarpawar

Hii,

Following is the processure of certificate signature verification (client dig. sig, certificate)
1. Extract the TBS certificate data from received certificate for import:
30 82 01 1A A0 03 02 01 02 02 03 40 46 0F 30 0A 06 08 2A 86 48 CE 3D 04 03 02 30 4E 31 14 30 12 06 03 55 04 03 0C 0B 52 6F 6F 74 20 43 41 20 32 35 36 31 17 30 15 06 03 55 04 0A 0C 0E 47 75 72 75 78 20 53 65 63 75 72 69 74 79 31 10 30 0E 06 03 55 04 07 0C 07 54 61 6D 70 65 72 65 31 0B 30 09 06 03 55 04 06 13 02 46 49 30 1E 17 0D 32 31 30 34 31 33 30 39 33 30 35 30 5A 17 0D 32 32 30 34 31 33 30 39 33 30 35 30 5A 30 1B 31 19 30 17 06 03 55 04 03 0C 10 33 31 33 32 33 33 33 34 33 35 33 36 33 37 33 38 30 59 30 13 06 07 2A 86 48 CE 3D 02 01 06 08 2A 86 48 CE 3D 03 01 07 03 42 00 04 49 0D 97 90 92 F2 3D 6D 82 58 48 E8 AA FF CC E2 9F 5C 90 E1 24 B4 A1 38 BC 7E 95 DC E7 E2 AB B0 72 B3 C7 CB 78 31 9B 78 B0 30 1E EE DC 99 B6 3C C3 3D 52 E0 5D 89 C6 40 51 92 54 49 10 8A 7A F5 A3 1A 30 18 30 09 06 03 55 1D 13 04 02 30 00 30 0B 06 03 55 1D 0F 04 04 03 02 07 80

2. Calculate the SHA-256 of TBS certificate in step 1 (resultant digest is below)
94 9D 25 12 98 C4 D6 C3 59 9E 92 2F 6F 41 64 67 B4 24 CC 4B A0 36 D0 A3 D2 08 49 5A 8A 3C 0D 1D

3. Verify the certificate signature which is at the end of the certificate
3.1 Inputs used to verify the signature of the TBS certificate
3.1.1 SHA-256 digest calculated in step 2
94 9D 25 12 98 C4 D6 C3 59 9E 92 2F 6F 41 64 67 B4 24 CC 4B A0 36 D0 A3 D2 08 49 5A 8A 3C 0D 1D
3.1.2 Signature of the certificate
E7 04 27 B1 44 26 41 18 4C AC F4 E4 1E 1B A3 D7 91 A0 44 3A 0C A6 42 F3 E3 B5 E1 76 15 BC AB E3
F6 F5 17 41 59 F0 5B 36 9C 18 A6 AC E6 7F 0D D7 8B 90 17 F6 96 29 0A 9B D8 F5 BC A3 70 82 E9 33
3.1.3 Public key of the Gurux CA certificate
74 26 67 34 35 71 10 58 A4 42 A8 DA 10 77 21 65 93 35 C7 24 6D 70 31 5C 63 F4 47 E0 6C B2 F5 37
A2 9B A1 B5 4C E6 B6 CB 80 C9 1A 16 F0 C7 9F D4 B4 96 70 8B 91 40 43 87 1B 83 1D DF E1 A9 88 3A

signature verification result : Invalid signature

Also find the snap of signature verification.

Best Regards,
Aoudumbar Pawar

Image: 
aoudumbarpawar

Hii,
Please help to find out whether the last comment procedure is correct or wrong.

If wrong please correct me.

Best Regards,
Aoudumbar Pawar

Kurumi
Kurumi's picture

Hi,

Your TBS certificate is in the wrong format. I hope this will help you.
http://www.gurux.fi/CustomCertificate

BR,
Mikko

________________________________________
Mikko Kurunsaari
Gurux Ltd
http://www.gurux.fi

aoudumbarpawar

Hii,
As per my study TBS certificate is in correct format.

I think my procedure of signature verification of certificate using root CA public key is correct.

Please go through the following information taken from link below:
https://gist.github.com/genaromadrid/9075d315e949fb4b3760db5c36c9a8ca

### Other way to validate the certificate:
# Since the CA signed the DER format of the TBSCertificate, you can just
# verify the signature of the certificate with the public key of the root
# passing the TBSCertificate as a param
# If everything its fine you'll get a 'Verified OK' message or a 'Verification Failure' instead.
openssl dgst -sha1 -verify $root_pub_key_path -signature $sig_path $tbs_path
Notes
The TBS certificate is the body of the actual certificate; it contains all the naming and key information held in the certificate. The only information in the actual certificate that is not held in the TBS certificate is the name of the algorithm used to sign the certificate and the signature itself.

The TBS certificate is used as the input data to the signature algorithm when the certificate is signed or verified.

Best Regards,
Aoudumbar Pawar

aoudumbarpawar

Hii,
When i am trying to verify the gurux digital signature certificate using gurux root ca certificate in openssl i am getting error "error in verify"
Snap is attached.

Best Regards,
Aoudumbar Pawar

Image: 
Kurumi
Kurumi's picture

Hi,

We have found the reason for this. There is a new method GXx509Certificate.IsCertified that you can use to check is x509 certificated by the given certifier.

The new version is released today.

BR,
Mikko

________________________________________
Mikko Kurunsaari
Gurux Ltd
http://www.gurux.fi

aoudumbarpawar

Hii,
Thanks!!!

is GXDLMSDirector released today?

I am not getting notification of updated on GXDLMSDirector still.

Best Regards,
Aoudumbar Pawar

Kurumi
Kurumi's picture

Hi,

You need to get a new certificate and it will start to work. There was an issue with the root certificate.
It's now fixed.

BR,
Mikko

________________________________________
Mikko Kurunsaari
Gurux Ltd
http://www.gurux.fi

aoudumbarpawar

Hii,
can share the new root certificate.

Best Regards,
Aoudumbar Pawar

aoudumbarpawar

Hii,
Got the new root certificate from link that you had provided at the time of release with suite1.
Trying to import this new certificate but guruxdirector gives error "Unable to cast object of type 'system.boolean' to type 'Gurux.DLMS.ASN1Sequence'.

Best Regards,
Aoudumbar Pawar

Kurumi
Kurumi's picture

Hi,

This is fixed to Gurux.DLMS.Net and it will update to GXDLMSDirector in the next release (today).
BR,
Mikko

________________________________________
Mikko Kurunsaari
Gurux Ltd
http://www.gurux.fi

aoudumbarpawar

Hii,
Thanks a lot!!!
I have hardcoded New Gurux Root CA public key and used for verification of the certificate and it verifies the new certificates signed by the new root CA successfully.

Best Regrads,
Aoudumbar Pawar

aoudumbarpawar

Hii,
Thank you!!!!

Got update and working just fine. :)

BR,
Aoudumbar Pawar

aoudumbarpawar

Hii,

waiting for the release with digital signing.
Any planning of including digital signing.

Also may how may i test key agreement method in non suite mode.

BR,
AP

Kurumi
Kurumi's picture

Hi,

Digital signing is released after we have made few changes.
You can send key_agreement when you select the Security Setup object and press "Update Key..." Button.
Then select Key type and set new key and correct KEK. The key agreement will fail if KEK is wrong.

BR,
Mikko

________________________________________
Mikko Kurunsaari
Gurux Ltd
http://www.gurux.fi