I figured this out. Now I have a problem with correctly marshalling this field. Here is a link to the example code:
Go Playground <https://play.golang.org/p/cWjDND7Fth> It creates certificate request without error but requested extensions are total mess: Certificate Request: Data: Version: 0 (0x0) Subject: CN=naclbox Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:a9:c0:50:76:da:98:cf:62:f2:6e:22:9d:52:78: a0:cd:aa:1d:46:6f:d5:ae:16:9a:06:df:7a:cd:76: 29:1b:d1:f3:08:ee:f8:27:8e:c6:67:ed:52:50:b5: 20:38:25:af:5f:01:7f:cc:98:7d:74:b3:90:35:c5: 09:c4:d6:76:09:7b:3a:fe:e2:ae:4a:0c:8a:0e:22: 41:2e:9b:c7:9a:0a:c0:ad:b0:9f:96:34:03:c8:c2: 2e:36:57:a0:95:33:cd:6e:74:39:bf:87:f0:0b:69: e7:98:45:9b:3f:cb:20:c6:00:16:67:25:06:1c:4e: 95:ec:81:ce:81:99:30:6a:df Exponent: 65537 (0x10001) Attributes: Requested Extensions: X509v3 Subject Alternative Name: 0...naclbox..0...*... service-id Signature Algorithm: sha256WithRSAEncryption 50:4e:36:69:eb:30:ac:1c:c4:0c:bc:7a:6a:8b:58:24:e4:09: a7:4f:ac:de:83:b0:5d:dd:c6:60:a1:bf:c2:4d:c9:0b:21:aa: 9f:87:82:2b:b1:f8:93:f8:91:8d:1a:66:a9:5e:03:b0:a5:99: e3:52:db:7e:8c:2f:ac:bb:1b:29:3e:65:6a:7a:f8:57:bd:26: 36:f7:16:a3:55:6f:23:49:a2:94:e7:cb:ff:c9:5b:30:32:f2: 76:6a:cc:92:f0:6c:b8:16:3a:80:57:e2:0e:35:38:96:02:2b: 2f:b3:28:76:14:9d:c6:e0:e8:a7:17:87:03:f2:59:c3:94:58: 52:35 On Monday, 24 April 2017 23:32:42 UTC+2, Janne Snabb wrote: > > Yes, but not as easily as using DNSName. You need to add the extension > "manually". > > Put it in ExtraExtensions of the template. See > /usr/local/go/src/crypto/x509/x509.go functions buildExtensions and > marshalSANs to see how to put it there. > > > Janne Snabb > sn...@epipe.com <javascript:> > > On 2017-04-24 18:28, Adam Medziński wrote: > > Is it possible to set a SAN otherName in x509.CertificateRequest > > <https://golang.org/pkg/crypto/x509/#CertificateRequest> structure, so > > it will be present in the DER encoded output > > of x509.CreateCertificateRequest > > <https://golang.org/pkg/crypto/x509/#CreateCertificateRequest>? > -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
