Hello Stephen,
Wednesday, January 24, 2007, 11:20:38 PM, you wrote:
DSH> On Wed, Jan 24, 2007, Andrew V. Jelly wrote:
>> Have a problem with sending emails signed (S/MIME) using OpenSSL
>>
>> Post command:
>> > openssl smime -sign -text -in message.txt -out signed.txt -signer my.cert
>>
Hello Christian,
i guess in the policy section of your CA you should - besides entries like
countryName = optional
stateOrProvinceName = optional
organizationName= optional
organizationalUnitName = optional
domainComponent = match
commonName = supplie
Depending on how many hosts (just those three?) you could use
subjectAltName entries to provide multiple, specific hostnames on one
cert. I don't know aobut the others, but Verisign will make you pay
full price for each subjectAltName (they are wise to how that can be
used to circumvent their pric
On Thu, Jan 25, 2007, Lutz Jaenicke wrote:
>
> Hi,
>
> I am trying to issue certificates with a uid attribute in the subject like:
>
> Subject: .../CN=/emailAddress=/uid=
>
> How can I do that?
>
> In the "DISTINGUISHED NAME AND ATTRIBUTE SECTION" of openssl.conf I
> inserted:
>
> UID
In a large organization (100+ domains) a wildcard cert might be
inappropriate for two reasons:
1. Certificate Renewal would happen like a sudden intense migraine
headache. Suddenly all 100+ domains would need the new cert. For this
reason I'd be tempted to go with a 5 year! (According to keyl
All my services (mail, web, etc) are secured using OpenSSL .
mail: qmail & dovecot
web: lighttpd
ftp: twoftpd
I'd like to be able to secure all my services under one domain, but multiple
hostnames (on multiple machines) at the best cost, but without compromising
my end-users; I currently use sel
Forwarding to openssl-users for public discussion.
Best regards,
Lutz
- Forwarded message from Christian Brandes <[EMAIL PROTECTED]> -
X-Original-To: [EMAIL PROTECTED]
X-Original-To: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
X-Greylist: delayed 253 seconds by postgrey-1.27
