pki-bootstrap_pub/docs/ca_dev_notes

[[[ Certificate Dev Notes ]]]



[[ Steps ]]
* install CA certificate
* install CA I certificate

* install .p12 file for client authentication
  -push .p12 to /data/media/0/Download
* install CA I certificate as truste 
  -push ca_i.crt.pem files to /data/media/0/Download



[[ Issues ]]

[ Client Authentication Failure ]

1. CANNOT AUTHENTICATE SERVER
  -install CA I certificate (from .pem file)

2. CANNOT VALIDATE SERVER CERT (timestamp issue)
  -"subject certificate invalid (valid from May 1 ...)"
  -fix time on Android device

3. CONSTRAINT CHECK FAILED
"constraint check failed: identity '192.168.123.129' required"
  -need to add SAN using v3 extensions