Thanks for the various replies. On Wed, Jun 30, 2010 at 4:26 AM, Dr. Stephen Henson <[email protected]> wrote: > If you want an extension then you need to make use of the mini-ASN1 compiler > to add the appropriate fields. > > Note that if you add a new OID name in this way it only affects that instance > of OpenSSL: other applications and other instances of OpenSSL will still > display the numeric version of the OID and they wont display the fields of > an extension as they don't know how to parse and display it.
Yes, I should've clarified this originally, I want to add extensions a la the "Extensions" type. I did try out the form of adding new OIDs to the distinguished name(s) and that seems to work ok, but can you elaborate on what you mean by using the mini-ASN.1 compiler to support new OIDs? As far as I can tell this refers to either generating an ASN.1 encoding via the "asn1parse -genstr ..." or the ASN1_gen_nconf() function. How are those intended to be integrated in creation of a certificate? Does this require programmatically constructing the certificates? ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
