-extension-to-a-CSR-tp47446p47601.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl
> From: owner-openssl-users On Behalf Of Danyk
> Sent: Wednesday, December 04, 2013 12:26
> I used this , and it seems to work great (parsed it with ASN1):
>
> st_exts= sk_X509_EXTENSION_new_null();
> X509_REQ *x;
>
> /*add INTEGER EXT*/
> int1 = ASN1_
equest */
X509_REQ_add_extensions(x, st_exts);
I freed all the ASN1 structs at the end...
Did I add the extension the way you meant? Do I need to free anything else?
--
View this message in context:
http://openssl.6102.n7.nabble.com/Adding-a-custom-extension-to-a-CSR-tp47446p475
> From: owner-openssl-users On Behalf Of Danyk
> Sent: Tuesday, December 03, 2013 12:35
> "Almost. If the actual value is not OCTET STRING, change the type created
> in the first two (or whatever) lines, and i2d'ed in the fourth line.
> And OPENSSL_free the pointer allocated here (d) after you're
NG_data(&data1);
i2d_ASN1_INTEGER(int1,&p);
//5) add to the extension stack.
sk_X509_EXTENSION_push(st_exts, X509_EXTENSION_create_by_OBJ(NULL,
obj, 0, &data1));
what is wrong with this?
--
View this message in context:
http://openssl.6102.n7.na
> From: owner-openssl-users On Behalf Of redpath
> Sent: Friday, November 29, 2013 09:42
> To: openssl-users@openssl.org
> Subject: *** Spam *** RE: Adding a custom extension to a CSR
>
>Sample abstract code, you should see this extension in your x509 when
you
> use the o
> From: owner-openssl-users On Behalf Of Danyk
> Sent: Thursday, November 28, 2013 09:28
> I rather not use the openssl config file, and stick with aPI's.
>
> >is it really an octet string containing one ASCII character "5"?
> no, it was just a simple example, the real values is are PRINTABLESTRI
", "myaliasname");
ASN1_OCTET_STRING_set(os, "ABC test", 8);
ret = X509_EXTENSION_create_by_NID( NULL, nid, 0, os );
X509_add_ext(x,ret,-1)
hope this helps.
--
View this message in context:
http://openssl.6102.n7.nabble.com/Adding-a-custom-extension-to-a-CSR-tp47446p47514.html
S
set such custom extension to CSR?
--
View this message in context:
http://openssl.6102.n7.nabble.com/Adding-a-custom-extension-to-a-CSR-tp47446p47501.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
> From: owner-openssl-users On Behalf Of Danyk
> Sent: Tuesday, November 26, 2013 06:07
> I am not using the openssl commandline, I have to use the API's (the
> openssl.cng is not used/parsed when using API's, right?)
>
Mostly up to you. If you call the simple wrapper OPENSSL_config(),
or the mo
, os );
but I get rubbish (space between the OID and the value):
1.3.6.1.4.1.19718.1000.1.2.2:
.
5
Am I using the correct API (i2d_ASN1_OCTET_STRING/ i2d_ASN1_INTEGER)?
What am i missing?
--
View this message in context:
http://openssl.6102.n7.nabble.com/Adding-a-custom-ext
> From: owner-openssl-users On Behalf Of Danyk
> Sent: Monday, November 25, 2013 07:26
> Im trying to add a custom Extension to a CSR using openssl API's:
>
I assume you know 'req' can be configured to create custom extensions
(if a bit clumsily) but you have reasons for coding it yourself inste
:"End Entry Type" instaed of the OID
"1.3.6.1.4.1.12345"?
Thanks,
Dany
--
View this message in context:
http://openssl.6102.n7.nabble.com/Adding-a-custom-extension-to-a-CSR-tp47446.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
___
13 matches
Mail list logo
