I've managed to parse the odd X509 certificate I received. Now I have
to create one.
It should look like the below.
X509v3 extensions:
X509v3 Subject Alternative Name: critical
DirName:/2.23.133.2.1=id:57454300/2.23.133.2.2=NPCT42x/NPCT50x/2.23.133.2.3=id:0391
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage: critical
2.23.133.8.1
I'm almost there with this code, but I don't know how to code the
NID_subject_alt_name DirName extension.
add_ext(x, NID_basic_constraints, "critical,CA:FALSE");
add_ext(x, NID_ext_key_usage, "critical, 2.23.133.8.1");
Here's a dump of the subjectAltName field.
511 121: . . . SEQUENCE {
513 84: . . . . SEQUENCE {
515 3: . . . . . OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: . . . . . . (X.509 extension)
520 1: . . . . . BOOLEAN TRUE
523 74: . . . . . OCTET STRING, encapsulates {
525 72: . . . . . . SEQUENCE {
527 70: . . . . . . . [4] {
529 68: . . . . . . . . SEQUENCE {
531 66: . . . . . . . . . SET {
533 20: . . . . . . . . . . SEQUENCE {
535 5: . . . . . . . . . . . OBJECT IDENTIFIER '2 23 133 2 1'
542 11: . . . . . . . . . . . PrintableString 'id:57454300'
: . . . . . . . . . . . }
555 24: . . . . . . . . . . SEQUENCE {
557 5: . . . . . . . . . . . OBJECT IDENTIFIER '2 23 133 2 2'
564 15: . . . . . . . . . . . PrintableString 'NPCT42x/NPCT50x'
: . . . . . . . . . . . }
581 16: . . . . . . . . . . SEQUENCE {
583 5: . . . . . . . . . . . OBJECT IDENTIFIER '2 23 133 2 3'
590 7: . . . . . . . . . . . PrintableString 'id:0391'
: . . . . . . . . . . . }
: . . . . . . . . . . }
: . . . . . . . . . }
: . . . . . . . . }
: . . . . . . . }
: . . . . . . }
: . . . . . }
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
