Re: openssl-user - UTF8 characters in configuration file

Thu, 14 Mar 2013 09:46:54 -0700 

Hi Walter,

Thanks for that, but I have tried those options also, I must be missing 
something else?

commonName              = UTF8String:Root

   45:d=5  hl=2 l=   3 prim: OBJECT            :commonName
   50:d=5  hl=2 l=  15 prim: PRINTABLESTRING   :UTF8String:Root

commonName              = UTF8:Root

  168:d=5  hl=2 l=   3 prim: OBJECT            :commonName
  173:d=5  hl=2 l=   9 prim: PRINTABLESTRING   :UTF8:Root














From:   "Walter H." <walte...@mathemainzel.info>
To:     openssl-users@openssl.org, 
Cc:     rasmu...@us.ibm.com
Date:   03/14/2013 12:32 PM
Subject:        Re: openssl-user - UTF8 characters in configuration file
Sent by:        owner-openssl-us...@openssl.org



Hello John,

I had the same problem; the solution is just:

UTF8String or UTF8 and not UTF8STRING

Walter

On 14.03.2013 17:06, rasmu...@us.ibm.com wrote: 
I'm using the following configuration file section in an attempt to create 
a CA with UTF8 characters in subject (and other) fields. 

string_mask             = utf8only 
prompt                  = no 

[ req ] 

default_bits            = 2048 
default_keyfile         = /opt/rasmussjCa/private/cakey.pem 
default_md              = md5 
prompt                  = no 
distinguished_name      = root_ca_distinguished_name 
x509_extensions         = root_ca_extensions 

[ root_ca_distinguished_name ] 

commonName              = UTF8STRING:Root 
stateOrProvinceName     = MA 
countryName             = US 
emailAddress            = r...@abc.com 
organizationName        = abc 

When I use "commonName  = UTF8STRING:Root", I am getting a 
format=PRINTABLESTRING containing the "UTF8STRING:Root" value 

   45:d=5  hl=2 l=   3 prim: OBJECT            :commonName 
   50:d=5  hl=2 l=  15 prim: PRINTABLESTRING   :UTF8STRING:Root 

Not a UTF8STRING format as I'm expecting such as this ... 

  108:d=5  hl=2 l=   3 prim: OBJECT            :commonName 
  113:d=5  hl=2 l=  23 prim: UTF8STRING        :XXXXXXXXXX 

In addition to "string_mask = utf8", I've also tried the -utf8 option on 
the req with the same results: 

openssl req -x509 -newkey rsa:1024 -out rootcacert.pem -utf8 -outform PEM 

+++ 

In addition when I try to assign a policy "root_commonName" to the 
commonName field 

commonName              = root_commonName 
stateOrProvinceName     = MA 
countryName             = US 
emailAddress            = r...@abc.com 
organizationName        = abc 

[ root_commonName ] 

commonName              = UTF8STRING:Root 

I am am just getting the "root_commonName" policy assigned to the field 
rather than the "UTF8STRING:Root" value assigned within the policy 

  174:d=5  hl=2 l=   3 prim: OBJECT            :commonName 
  179:d=5  hl=2 l=  15 prim: T61STRING         :root_commonName 

Any comments are greatly appreciated. 

Thanks 

John

Reply via email to