Hello,
Can anyone help me in discerning which version of openssl supports
sbgp-autonomousSysNum
and sbgp-ipAddrBlock? If it has been deprecated then providing the
alternative would be greatly appreciated.
A sample openssl.cnf is provided below. When I perform a request for req it
fails because
Hello,
Can anyone help me in discerning which version of openssl supports
sbgp-autonomousSysNum
and sbgp-ipAddrBlock? If it has been deprecated then providing the
alternative would be greatly appreciated.
A sample openssl.cnf is provided below. When I perform a request for req it
fails because
Hello,
Can anyone help me in discerning which version of openssl supports
sbgp-autonomousSysNum
and sbgp-ipAddrBlock? If it has been deprecated then providing the
alternative would be greatly appreciated.
A sample openssl.cnf is provided below. When I perform a request for req it
fails because
On 18 Jan 2014, at 2:25 PM, "Dr. Stephen Henson" wrote:
> Have a look at demos/x509/mkcert.c
I eventually found it was as simple as this:
*extension = X509V3_EXT_conf(NULL, NULL, (char *)name, (char *)val);
What threw me was whether it was ok to pass NULL or not (it is).
Regards,
Graham
-
On Sat, Jan 18, 2014, Graham Leggett wrote:
>
> Some more digging and I still can't find how openssl parses extensions.
>
> Reverse engineering the code, it appears that ASN1_generate_v3() expects to
> be passed a parameter string that is a name value pair separated with a
> colon, which the str
On 18 Jan 2014, at 4:09 AM, Graham Leggett wrote:
> I am trying to load the name and value of an X509 extension programmatically
> via the API (in other words, the openssl.cnf file isn't being used), and I am
> struggling with openssl telling me that the tag doesn't exist.
&
Hi all,
I am trying to load the name and value of an X509 extension programmatically
via the API (in other words, the openssl.cnf file isn't being used), and I am
struggling with openssl telling me that the tag doesn't exist.
The extension I want to load has the name "keyU
On Wed, Apr 30, 2008, Carolin Latze wrote:
> Hi everybody,
>
> is there an easy way to extract the certificate's issuer serialNumber
> (that is the one in the X509v3 Authority Key Identifier extension)? At
> the moment, I try to parse this extension using string methods, but I
> could imagine tha
Hi everybody,
is there an easy way to extract the certificate's issuer serialNumber
(that is the one in the X509v3 Authority Key Identifier extension)? At
the moment, I try to parse this extension using string methods, but I
could imagine that there is another way to do this. Am I right?
Thanks i
Hi everybody,
I have some problems with X509 extensions. First of all, what I want to do:
I want to define new extensions, simply some new extension fields that I
want to fill with values.
I thought, I just define them in an array:
struct entry ext_entries[3] =
{
{"basicConstraints","CA
Great thx again for you advice. If someone suffers the same problem
of retrieving the OCSP URI from a X509 my code can be found here.
char* get_OCSPlocation_from_X509(X509* cert, char** urls)
{
BIO* mem=NULL;
ACCESS_DESCRIPTION* ad=NULL;
STACK_OF(ACCESS_DESCRIPTION)* ads
On Fri, Nov 24, 2006, Michael Stephan wrote:
> Hallo,
>
> is it possible (i know it is but not to me at the moment ): ), to
> "easily" retrieve the OCSP URI from a X509 v3 certificate extension
> list?
>
> X509v3 extensions:
> ..
> Authority Information Access:
> OCSP: URI:http:http://
Hallo,
is it possible (i know it is but not to me at the moment ): ), to
"easily" retrieve the OCSP URI from a X509 v3 certificate extension
list?
X509v3 extensions:
..
Authority Information Access:
OCSP: URI:http:http://ocsp.com
..
Would be great if you can help me with a tiny cod
On Fri, Nov 17, 2006, Manivannan S - TLS, Chennai wrote:
> Hi all,
>
> I am working in an application which involves TLS connection. My
> requirement is to read
>
> subjectAltName from the client certificate received by the server, when
> accepting TLS connection.
>
>
>
>
Hi all,
I am working in an application which involves TLS connection. My
requirement is to read
subjectAltName from the client certificate received by the server, when
accepting TLS connection.
I have generated CA certificate, client and server certificate
with subject
hi
i am using openssl toolkit and not custom source code to the following
operation :
- i have to add a custom attribute say :
CertVersionID ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
issuerNameHash OCTET STRING
issuerKeyHash OCTET STRING
serialN
hi
i am using openssl toolkit and not custom source code to the following
operation :
- i have to add a custom attribute say :
CertVersionID ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
issuerNameHash OCTET STRING
issuerKeyHash OCTET STRING
seria
On Wed, Jun 04, 2003, [EMAIL PROTECTED] wrote:
> Tried the following:
>
> POLICYINFO *cp;
> if ((cp = X509_get_ext_d2i(xs, NID_certificate_policies, NULL, NULL)) ==
> NULL)
> return "NoCP";
>
> And it does indeed return NULL and thus "NoCP", even when
> X509_get_ext_by_NID does return a
)
571.437.2064 (Cell)
[EMAIL PROTECTED]
> -Original Message-
> From: Dr. Stephen Henson [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, June 04, 2003 11:47 AM
> To: [EMAIL PROTECTED]
> Subject: Re: X509 Extension Parsing
>
>
> On Wed, Jun 04, 2003, [EMAIL PROTECTED] wr
On Wed, Jun 04, 2003, [EMAIL PROTECTED] wrote:
> Per Dr. Henson's suggestion I've been writing some code for Apache mod_ssl
> in order to determine the certificate class for our corporate PKI certs that
> have the Certificate Policy attribute.
>
> I've had some odd results and wanted to see if a
Per Dr. Henson's suggestion I've been writing some code for Apache mod_ssl in order to
determine the certificate class for our corporate PKI certs that have the Certificate
Policy attribute.
I've had some odd results and wanted to see if anyone can clarify for me.
I was unable to find the Cert
Hi,
I would like to add an extension to a X509 cert to carry the information
about the RSA key used (sshv1, sshv2, etc) to build the cert.
How could I include this information to let the peer search for the
right path ($HOME/.ssh/) and the right file to search for public key (identity.pub)?
Hi,
I use different type of RSA keys to build a X509 Cert,
so I would like to add an extension to the certificate to
establish what kinda of key peer is using.
How could I do that?
Thanks in advance
--
Davide D'Amico <[EMAIL PROTECTED]>
/(
3:59 PM
> To: '[EMAIL PROTECTED]'
> Subject: What's an rfc822Name, anyway? (was RE: How to add a new x509
> extension?)
>
>
> What's the format of an rfc822Name? Is it name@fqdn, or something else?
> The X.509 doc doesn't seem to say.
>
> > --
; > [mailto:[EMAIL PROTECTED]]On Behalf Of Little Stone
> > Sent: Thursday, June 10, 1999 3:59 PM
> > To: [EMAIL PROTECTED]
> > Subject: How to add a new x509 extension?
> >
> >
> > Hi:
> >
> > I want to ask a question about how to add a new x509 extersio
gt;
To: <[EMAIL PROTECTED]>
Sent: Thursday, June 10, 1999 11:52 AM
Subject: RE: How to add a new x509 extension?
> For your needs, you can use the "standard" extension
>
> id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 }
>
> which enables to give alernative nam
26 matches
Mail list logo
