Thank you. I'll give those a shot.
Eric Johnson Nortel Networks Sustaining Engineer [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Victor Duchovni Sent: Thursday, August 02, 2007 11:23 AM To: openssl-users@openssl.org Subject: Re: Question re: V3_alt.c in 9.7d On Thu, Aug 02, 2007 at 09:48:39AM -0400, Eric Johnson wrote: > Hi. > > I need to pull out the subject alternative name from the certificate > and than grab the 'otherName' type. When I look at V3_alt.c in 9.7d > I'm walking away with the impression that it isn't supported. Can > somebody confirm if this is the case or not? And if so is there a > version of OpenSSL where this is supported? Thanks. You should be using 0.9.7l or 0.9.8e, there are known issues with prior releases. The subjectAltName components are processed via: STACK_OF(GENERAL_NAME) *gens; int i, r; gens = X509_get_ext_d2i(cert, NID_subject_alt_name, 0, 0); for (i = 0, r = sk_GENERAL_NAME_num(gens); i < r; ++i) { const GENERAL_NAME *gn = sk_GENERAL_NAME_value(gens, i); switch (gn->type) { case GEN_OTHERNAME: /* Do something with: gn->d.othername->value; gn->d.othername->type_id; */ case GEN_EMAIL: ... case GEN_DNS: ... case GEN_X400: ... case GEN_DIRNAME: ... case GEN_EDIPARTY: ... case GEN_URI: ... case GEN_IPADD: ... case GEN_RID: ... default: ... } } -- Viktor. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
