Hello there, I have not read the MicroSoft specs, but I know that certificates we issue from OpenCA are being used to logon to a Win2K domain.
> 1. It must have the subject alternative name extension with other name = > principal name = prinicpal_name_of_the _user (for example > [EMAIL PROTECTED]). > 2. It must have a specific "Certificate template" extension with bmp > value "SmartcardUser" (or "SmartcardLogon"). > The interesting thing is that certs I am issuing from 0.9.0-1 have an extended key usage field with a value of "Smart Card Logon (1.3.6.1.4.1.311.20.2.2)" and the email in the Subject Alt Name, as you describe above. I have noticed that the extended key usage is an additional field in the 0.9.1-1 ext files. What version of OpenCA are you using ? Chris... ------------------------------------------------------- This SF.net email is sponsored by OSDN developer relations Here's your chance to show off your extensive product knowledge We want to know what you know. Tell us and you have a chance to win $100 http://www.zoomerang.com/survey.zgi?HRPT1X3RYQNC5V4MLNSV3E54 _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
