Stephen, Once again thanks so much. I had thought subjectAltName would allow any kind of alternate name but have found out how wrong I can be. I noticed in the example use of DNS: I have noticed in the spec there is something called 'DirName' but I tried 'DirName:mystuff' and it didn't get stored.
I have to store a string that would rightly be called an 'otherName' but noticed it doesn't work and tells me it is unsupported. Can you tell me how I would use DirName? Peace, Chuck Wegrzyn Dr. Stephen Henson wrote: > On Wed, Jun 06, 2007, Chaz. wrote: > >> I have a need to create X509 Requests that will be authenticated by an >> external CA. In creating the request do I need to sign it? >> > > You need to use the private key corresponding to the public key in the > request. > >> I also have seen something strange that I am trying to figure out. In >> the request I place a 'subjectAltName' extension. If I convert the >> request to a string and display it I can see the extension. After I sign >> it the subjectAltName extension doesn't show up again. Is this to be >> expected? >> > > You have to encode the correct structure. In requests there is a special > attribute called "request extensions" which contains all the requested > extensions. > > Check out: > > demos/x509/mkreq.c > > Steve. > -- > Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage > OpenSSL project core developer and freelance consultant. > Funding needed! Details on homepage. > Homepage: http://www.drh-consultancy.demon.co.uk > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
