"The actual values which occur in req_distinguished names are not
arbitrary ASCII strings, they are the names of ASN1 objects defined
in
crypto/objects/objects.h not all of these are relevant to
DNs though."
Look at that file and you'll figure it out. Pick one oid (I choosed uniqueIdentifier and add it in req_distinguished_name in openssl config. file.
I have a simple Perl code to dump some fields of the certificate presentated by the client to the server (it's apache-ssl):
#!/usr/bin/perl
##Script de prueba para capturar informacion del certificado enviado por el cliente.
print "Content-Type: text/html\n\n";
my $CN;
my $EMAIL;
$CN = $ENV{'SSL_CLIENT_CN'};
$EMAIL = $ENV{'SSL_CLIENT_EMAIL'};
$OU = $ENV{'SSL_CLIENT_OU'};
$O = $ENV{'SSL_CLIENT_O'};
$C = $ENV{'SSL_CLIENT_C'};
$ST = $ENV{'SSL_CLIENT_ST'};
$MATR = $ENV{'SSL_CLIENT_UID'};
$DN = $ENV{'SSL_CLIENT_DN'};
print "El certificado presentado contiene los siguientes datos:<BR>";
print "Nombre: $CN<br>";
print "Matricula: $MATR<br>";
print "Direccion correo-e: $EMAIL<BR>";
print "Reparticion: $OU<BR>";
print "Organizacion: $O<BR>";
print "Region: $ST<BR>";
print "Pais: $C<BR><BR>";
print "DN: $DN\n";
"Bumpass, Brian" wrote:
I am a newbie at this....
I want to add more information and confirm its existence in the certificate.
Similar to the "challengePassword" found in the default openssl.cnf and
objects.h
I would like to add UID and description. Can someone refer me to a docuemnt
on doing
this.Lastly is there Perl/Java code sniplets that can allow me to confirm these
objects
in my cert.Thanks in advance,
-B______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
--
"Se que crees que entiendes lo que piensas que yo dije,
pero no estoy seguro de que te des cuenta
de que lo que escuchaste no es lo que yo quise decir"
Richard Nixon (y yo)
