dear friends of OpenSSL, i use OpenSSL-0.9.7 in an application that generates certificates with x509 v3 extensions. i have some questions:
i) according to one post (http://www.mail-archive.com/openssl-dev@openssl.org/msg11608.html) OpenSSL-0.9.7 does not support otherName as a valid option for SubjectAltName extension (only: rfc822Name, dNSName, uniformResourceIdentifier, iPAddress, registeredID). is this true? Do i have to use OpenSSL-0.9.8 to use this option? ii) i would like to know how i could use the certificatePolicies extension in a certificate. how could i create the raw extension? iii) Does OpenSSL-0.9.7 support SHA256 and SHA512 digest algorithms? i read that OpenSSL-0.9.7k (for exmaple) has support to these algorithms but it is completely necessary to compiling and installing OpenSSL FIPS Module before. OpenSSL-0.9.8 does support these algorithms. i found a post that says OpenSSL FIPS Module is temporaly suspended. is there any way to support SHA256 and SHA512 digest algorithms in OpenSSL-0.9.7? Best regards Antonio Araujo Brett __________________________________________________ Correo Yahoo! Espacio para todos tus mensajes, antivirus y antispam ¡gratis! Regístrate ya - http://correo.espanol.yahoo.com/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
