Link Search Menu Expand Document

X.509

X.509 certificates containing hybrid and post-quantum public keys and signatures can be generated using our fork of OpenSSL 1.1.1 or using standard OpenSSL3 by with oqsprovider by way of the common openssl ‘x509’ commands specifying post-quantum algorithm names as listed here.

For a full walk-through on generating post-quantum X.509 certificates, see the OQS-OpenSSL README section “TLS demo”.

The easiest way to execute post-quantum X509 operations using OpenSSL1.1.1 functions is by using the pre-built curl Docker image at Docker hub.

For X.509 interoperability testing, the use of oqsprovider using the pre-built docker image is recommended, making use of the dynamic ID adaptation capabilities during testing.








Copyright © 2017-2022 The Open Quantum Safe Project.
This site uses Just the Docs, a documentation theme for Jekyll. Background image by Rick Doble.