When openssl ca command creates a certificate from SPKAC, it accepts option utf8, which theoretically should make it accept any utf8 characters and place them into certificate DN using apporpriate ASN1 STRING type (i.e. BMP_STRING or UTF8_STRING).
However, function certify_spkac in apps/ca.c uses function ASN1_PRINTABLE_type to determine type of ASN1 string to use. And this function never returns V_ASN1_BMPSTRING or V_ASN1_UTF8STRING. It can return only V_ASN1_PRINTABLESTRING (which is complete unsuitable for non-latin letters), V_ASN1_T61STRING or V_ASN1_IA5STRING. Should it be considered a bug which can be fixed during 1.0.0 feauture fix process or it is new feature which can appear in 1.0.x release only ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
