Antw: Re: syntax for openssl.cnf description & prompting for input

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Antw: Re: syntax for openssl.cnf description & prompting for input

Reinhard Haller

>>> [hidden email] 12.07.2005 21:44 >>>
>Reinhard Haller wrote:
>> Hi,
>>
>> I want to create certificates with 2 subject alternative names:
>> email
>> employee-number
>>
>> The emailAddress is not part of the subject distiguished name.
>>
>Perhaps you could apply my patch from ticket 1050.
>That allows to copy/move arbitrary subject DN fields to
>subjectAltName extension.

This solves the input problem. Is there a dependency on the
OpenSSL-version (0.9.7/0.9.8)?

>>subjectAltName=email:move,otherName:employee_num:move

Do you know any description of the syntax to provide
more than 1 subjectAltName and more specifically an
otherName as subjectAltName?

Thanks
Reinhard

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Antw: Re: syntax for openssl.cnf description & prompting for input

Goetz Babin-Ebell
Reinhard Haller wrote:

>>>>[hidden email] 12.07.2005 21:44 >>>
>>
>>Reinhard Haller wrote:
>>
>>>I want to create certificates with 2 subject alternative names:
>>>email
>>>employee-number
>>>
>>>The emailAddress is not part of the subject distiguished name.
>>
>>Perhaps you could apply my patch from ticket 1050.
>>That allows to copy/move arbitrary subject DN fields to
>>subjectAltName extension.
>
> This solves the input problem. Is there a dependency on the
> OpenSSL-version (0.9.7/0.9.8)?
I did it on the head.
But I have news of a successfull backport to 0.9.7...

>>>subjectAltName=email:move,otherName:employee_num:move
>
> Do you know any description of the syntax to provide
> more than 1 subjectAltName

??? do you mean more than one subjectAltName extension ?

The subjectAltName extension is a sequence of otherName so
it has no problem containing more than one name...

> and more specifically an
> otherName as subjectAltName?

Sorry I have never worked with an otherName.

If there is a way to insert it into the DN, my patch should
copy/move it...


Bye

Goetz

--
DMCA: The greed of the few outweighs the freedom of the many

smime.p7s (4K) Download Attachment