On Mon, Aug 09, 2010, Bram Cymet wrote:
> Ok I see it now.
>
> The whole structure is there asn1parse just can't print out the
> GENERALSTRINGs I changed them to UTF8 and I was able to see everything.
>
Yes that's a current limitation/bug, I'll fix OpenSSL so it does print out
GENERALSTRINGS
Ok I see it now.
The whole structure is there asn1parse just can't print out the GENERALSTRINGs
I changed them to UTF8 and I was able to see everything.
Thanks again,
Bram
On 2010-08-09, at 6:51 AM, Bram Cymet wrote:
> Ok I was able to get openssl to generate a cert. Now when I got to asn1
Ok I was able to get openssl to generate a cert. Now when I got to asn1parse
-strparse the Subject Alternative Name I get:
0:d=0 hl=2 l= 47 cons: SEQUENCE
2:d=1 hl=2 l= 45 cons: cont [ 0 ]
4:d=2 hl=2 l= 6 prim: OBJECT:1.3.6.1.5.2.2
12:d=2 hl=2
I have attempted a number of different command line commands. They are all
similar to:
openssl x509 -extfile req.conf -extensions client_cert -in bcymet-cert.pem -out
test.pem
openssl x509 -req -in req.pem -sha1 -extfile req.conf -extensions client_cert
-CA CA.pem -CAkey cakey.pem -out test.p
On Fri, Aug 06, 2010, Bram Cymet wrote:
> It complains about the client_cert section.
>
> Attached is the conf file.
>
> I am using openssl 1.0.0.
>
That's odd, I just tried it on the latest 1.0.0-stable (1.0.0a should be near
enough) and other than the typo for prompt it works fine.
What com
On 08/06/2010 01:18 PM, Dr. Stephen Henson wrote:
> On Fri, Aug 06, 2010, Bram Cymet wrote:
>
>
>> On 08/06/2010 08:49 AM, Dr. Stephen Henson wrote:
>>
>>> On Wed, Aug 04, 2010, Bram Cymet wrote:
>>>
>>>
>>>
HI,
Give a configuration like the following:
sub
On Fri, Aug 06, 2010, Bram Cymet wrote:
> On 08/06/2010 08:49 AM, Dr. Stephen Henson wrote:
> > On Wed, Aug 04, 2010, Bram Cymet wrote:
> >
> >
> >> HI,
> >>
> >> Give a configuration like the following:
> >>
> >> subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:princ_name
> >>
> >>
> >> # Copy
On 08/06/2010 08:49 AM, Dr. Stephen Henson wrote:
> On Wed, Aug 04, 2010, Bram Cymet wrote:
>
>
>> HI,
>>
>> Give a configuration like the following:
>>
>> subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:princ_name
>>
>>
>> # Copy subject details
>>
>> issuerAltName=issuer:copy
>>
>> [princ_name
On Wed, Aug 04, 2010, Bram Cymet wrote:
> HI,
>
> Give a configuration like the following:
>
> subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:princ_name
>
>
> # Copy subject details
>
> issuerAltName=issuer:copy
>
> [princ_name]
> realm = EXP:0, GeneralString:${ENV::REALM}
> principal_name
would my best course of action be to use ASN1_generate_nconf to generate
this OCTET String. Can someone give me an example of how to do this?
On 08/04/2010 03:35 PM, Bram Cymet wrote:
> To give more information:
>
> At present I don't care about the issuerAltName
> and
>
> I would like to be able
To give more information:
At present I don't care about the issuerAltName
and
I would like to be able to generate the octet string that would be needed.
Thanks
On 08/04/2010 03:08 PM, Bram Cymet wrote:
> HI,
>
> Give a configuration like the following:
>
> subjectAltName=otherName:1.3.6.1.5.2.2
HI,
Give a configuration like the following:
subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:princ_name
# Copy subject details
issuerAltName=issuer:copy
[princ_name]
realm = EXP:0, GeneralString:${ENV::REALM}
principal_name = EXP:1, SEQUENCE:principal_seq
[principal_seq]
name_type = EXP:0, I
12 matches
Mail list logo
