On Mon, Jul 14, 2008, Oil Supply wrote: > On Mon, Jul 14, 2008 at 1:51 PM, Patrick Patterson > <[EMAIL PROTECTED]> wrote: > > <snip> > >> #This is the extension I want to add > >> fooname=this is a block of text > >> basicConstraints = CA:true > >> keyUsage = cRLSign, keyCertSign > >> [ crl_ext ] > >> authorityKeyIdentifier=keyid:always,issuer:always > > > > What is fooname? What is the encoding? An extension is represented (in the > > simplest form), as an OID (that identifies which extension it is, and a > > value > > that is encoded as per the RFC (or other document) rules for that extension. > > > > So, for instance, if fooname is an extension that corresponds to the > > OID '1.2.3.4', and it is of value UTF8String, then I think that the right > > way > > to encode it could be: 1.2.3.4 = UTF8:This is a block of text > > Hi Pat. According to the docs and what I read, this should just "work". :) >
Well whatever docs they are it wont ;-) OpenSSL has no idea how to process "fooname" or the value. > In this case, fooname is just a string. I am starting simple to get > the syntax down, then I will tackle other types. So I am not trying > anything fancy. I did try your suggestion if trying using the bare OID > but got the same error. The correct syntax for that example is: 1.2.3.4 = ASN1:UTF8:This is a block of text Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
