Christian P. wrote in post #982402:
> My problem is that the certificate doesn't contain a signature
> algorithm.

Look at it using openssl x509 and it should be clear:

$ openssl x509 -in ert.pem -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: itu-t
        Issuer: C=US, ST=Here, L=There, O=Where, CN=mycompany.com
        Validity
            Not Before: Feb 17 12:08:37 2011 GMT
            Not After : Feb 17 12:08:37 2016 GMT
        Subject: C=US, ST=Here, L=There, O=Where, CN=mycompany.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:c4:b1:7c:3d:c1:c7:c0:14:f8:7b:d4:4d:c1:80:
                    0a:0a:5d:fe:d8:3c:c8:29:d0:45:5f:98:68:e7:06:
                    2b:00:bf:62:09:a0:52:69:c7:c4:04:69:66:54:a5:
                    05:bc:ac:33:b2:ea:cc:e5:e2:47:89:e6:eb:78:61:
                    ce:0f:83:5d:00:34:38:eb:d8:23:cd:92:33:04:7f:
                    e6:8c:04:2a:d4:9c:22:57:3c:92:2d:8d:7c:4b:e5:
                    ad:33:2b:0c:a9:c5:ed:6b:45:c8:4c:80:11:b1:77:
                    ca:f4:ec:71:91:31:67:9d:2b:5a:c8:b0:f3:f5:24:
                    40:e1:f5:ac:89:d0:50:39:c3
                Exponent: 65537 (0x10001)
    Signature Algorithm: itu-t

The certificate contains no signature at all - you need to (self) sign 
it.

Compare it to a regular certificate and you'll see what I mean.

-- 
Posted via http://www.ruby-forum.com/.