On Thu, Mar 11, 2004, Kenichi MORI wrote: > Dear everyone, > > Could you tell me about X.509 extensions in OpenSSL ? > > 1) > Can I use DirectoryName(DN) in X.509 extensions "Subject Alternative Name" ? > According to openssl.txt (included doc directory), I can use "email", "URI", > "DNS", "RID" and "IP". But I can't find about DirectoryName. >
You can but only in OpenSSL 0.9.8. Support may be backported to the 0.9.7-stable branch at some point. > 2) > Can I use PrivateKeyValidity extensions. I know that RFC2459 recommend > not to use. But I would like to use it. > You can display it and use it from a program. There is no option to add it though in a certificate using 'ca' for example. It would be possible using the 0.9.8 mini-ASN1 compiler but messy. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
