On Thu, Jun 23, 2005, Dr. Rodney McDuff wrote:
> Hi
> I'm try to add multiple caIssuers and OCSP entries to my
> authorityInfoAccess attribute and I am having some difficulties with
> getting the right openssl.cnf syntax. I want to add the following (Note
> LDAP U
Hi
I'm try to add multiple caIssuers and OCSP entries to my
authorityInfoAccess attribute and I am having some difficulties with
getting the right openssl.cnf syntax. I want to add the following (Note
LDAP URIs and nasty commas)
caIssuers;http://server1.domain/certs/ca-certs.p7b
caIs
as part of the message? My intuition says
yes,
since otherwise the certs would be
trusted.
2. Does anyone have any example code that can
access
the AuthorityInfoAccess data from an X509
Certificate?
That is, given an X509 *, how do I go from there
and get
the URL that points at the OCSP Responde
From: Amit Chopra <[EMAIL PROTECTED]>
amitc> I just wanted to know if there is any work happening on an OCSP
amitc> library for OpenSSL.
There is a patch kit for OpenSSL 0.9.5a in
http://www.stacken.kth.se/~levitte/OpenSSL/ . I'm currently working
on making it better (there is a lot of things
Hi,
I just wanted to know if there is any work happening on an OCSP
library for
OpenSSL. Or is it something that is left to the users i.e goes into the
verify callback?
Thanks,
Amit.
__
OpenSSL Project
Richard Browne wrote:
>
> Is it possible to use openssl to add authorityInfoAccess extensions when
> signing a certificate? If so... how?
>
Yes, syntax is:
authorityInfoAccess= OID1;type, OID2;type
where 'type' has the same syntax as subjectAltName for example
auth
Is it possible to use openssl to add authorityInfoAccess extensions when
signing a certificate? If so... how?
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
