On Fri, Nov 23, 2007, Frans de Boer wrote: > > One last question. The error message stated "syntax error", why not > missing or unknown OID? It now does suggests that the subjectInfoAccess > was at fault. So I was looking in the wrong places to start with. >
With the openssl command line utility you get: Error Loading extension section v3_ca 21647:error:0D06407A:asn1 encoding routines:a2d_ASN1_OBJECT:first num too large:a_object.c:108: 21647:error:2208B077:X509 V3 routines:V2I_AUTHORITY_INFO_ACCESS:bad object:v3_info.c:172:value=caRepository 21647:error:22098080:X509 V3 routines:X509V3_EXT_nconf:error in extension:v3_conf.c:93:name=subjectInfoAccess, value=caRepository;URI:http://www.foo.com/ Now admittedly the "first number too large" is a bit misleading but the second error indicates a bad OID and that it doesn't like "caRepository". Perhaps whatever you are using isn't printing out the full error message? Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
