I thought that the problem was the incorrect file and i copy the lines in the file "User.ext" but acuse another problem:
Error 6761
- Error General Error while issuing Certificate to Juan Carlos Lillo
Molina (filename: /usr/local/OpenCA/var/tmp/1B.req).
OpenCA::OpenSSL returns errocode 7731075 (OpenCA::OpenSSL->issueCert: OpenSSL fails (7777067). Using configuration from /usr/local/OpenCA/etc/openssl/openssl/User.conf
Check that the request matches the signature
Signature ok
ERROR: adding extensions in section default
28291:error:2207C082:X509 V3 routines:DO_EXT_CONF:unknown extension name:v3_conf.c:123:
28291:error:2206B080:X509 V3 routines:X509V3_EXT_conf:error in extension:v3_conf.c:92:name=oid_section, value=new_oids
error in ca
).
:( :(
On 6/1/06, Dmitrij Mironov <[EMAIL PROTECTED]> wrote:
Hello Juan.
I'm not a guru, but I can suggest you to define otherName OID in
openssl/openssl.cnf at etc/ directory of OpenCA installation. Place new OID
in [ new_oids ] section:
[ new_oids ]
otherName = 1.2.3.4.5 # use appropriate OID here
Hope this helps.
Regards,
Dmitrij
________________________________
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Juan Carlos
Lillo Molina
Sent: Thursday, June 01, 2006 10:36 PM
To: [email protected]
Subject: [Openca-Users] Problems with additional attributes
Hello...
I need new attributes to "subjectAltName"
I use the following lines in pub.conf
DN_TYPE_BASIC_SUBJECTALTNAMES "otherName" "email"
DN_TYPE_BASIC_SUBJECTALTNAME_1 "RUT"
DN_TYPE_BASIC_SUBJECTALTNAME_1_MINIMUM_LENGTH 12
DN_TYPE_BASIC_SUBJECTALTNAME_1_REQUIRED "YES"
DN_TYPE_BASIC_SUBJECTALTNAME_2 "E-Mail"
DN_TYPE_BASIC_SUBJECTALTNAME_2_MINIMUM_LENGTH 3
DN_TYPE_BASIC_SUBJECTALTNAME_2_REQUIRED "YES"
If i swap "otherName" by "DNS"... there is no problems with the
certificate generation, but with "otherName" the result is this:
Error 6761
Error General Error while issuing Certificate to Juan
Carlos Lillo Molina1 (filename: /usr/local/OpenCA/var/tmp/1A.req).
OpenCA::OpenSSL returns errocode 7731075
(OpenCA::OpenSSL->issueCert: OpenSSL fails (7777067). Using configuration
from /usr/local/OpenCA/etc/openssl/openssl/User.conf
Check that the request matches the signature
Signature ok
ERROR: adding extensions in section default
23292:error:22075075:X509 V3
routines:v2i_GENERAL_NAME:unsupported option:v3_alt.c:436:name= otherName.0
23292:error:2206B080:X509 V3
routines:X509V3_EXT_conf:error in
extension:v3_conf.c:92:name=subjectAltName, [EMAIL PROTECTED]
error in ca
).
In the openssl documentation talk about the "otherName" features,
but don't work with openca...
Please, help me with any hint...
--
Atte.
JCLM
-------------------------------------------------------
All the advantages of Linux Managed Hosting--Without the Cost and Risk!
Fully trained technicians. The highest number of Red Hat certifications in
the hosting industry. Fanatical Support. Click to learn more
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
--
Atte.
JCLM
_______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
