In message <[EMAIL PROTECTED]> on Sun, 28 Apr 2002 19:59:33 +0200, Lutz Jaenicke <[EMAIL PROTECTED]> said:
Lutz.Jaenicke> On Fri, Apr 26, 2002 at 12:38:05PM +0200, Robert Joop wrote: Lutz.Jaenicke> > `x509 -noout -text` prints inconsistent output. Lutz.Jaenicke> > Lutz.Jaenicke> > ...> openssl x509 -noout -text -in old.pem | grep Issuer: Lutz.Jaenicke> > Issuer: [EMAIL PROTECTED], CN=CA UCO, O=Universidad de Cordoba, C=ES Lutz.Jaenicke> > ...> openssl x509 -noout -text -in new.pem | grep Issuer: Lutz.Jaenicke> > Issuer: C=ES, O=Universidad de Cordoba, CN=AC [EMAIL PROTECTED] Lutz.Jaenicke> > Lutz.Jaenicke> > see the "/" that magically appears, instead of a ", "? Lutz.Jaenicke> > if found the place that does this magic and commented it out: Lutz.Jaenicke> > Lutz.Jaenicke> > ...> openssl x509 -noout -text -in old.pem | grep Issuer: Lutz.Jaenicke> > Issuer: [EMAIL PROTECTED], CN=CA UCO, O=Universidad de Cordoba, C=ES Lutz.Jaenicke> > ...> openssl x509 -noout -text -in new.pem | grep Issuer: Lutz.Jaenicke> > Issuer: C=ES, O=Universidad de Cordoba, CN=AC UCO, [EMAIL PROTECTED] Lutz.Jaenicke> > Lutz.Jaenicke> > it does it because the type "emailAddress" starts lower case! Lutz.Jaenicke> Lutz.Jaenicke> Your analysis is technically correct. If the object name is starting with Lutz.Jaenicke> an uppercase letter, the "/" is replaced with the ", ", otherwise it is Lutz.Jaenicke> not. Note that with 0.9.7, 'openssl x509' comes with the new option -nameopt, where you can choose from a number of formats. They are documented at http://www.openssl.org/docs/apps/x509.html#NAME_OPTIONS Lutz.Jaenicke> However: the section you are essentially removing (by commenting out) Lutz.Jaenicke> may be there for a reason. I have not used this functionality myself, Lutz.Jaenicke> so I don't know why this distinction is made. Therefore I am reluctant Lutz.Jaenicke> to touch it. Steve, could you kindly have a look into this? Yup, do not apply that patch. That'll destroy compatibility for applications that depend on this string format. -- Richard Levitte \ Spannv�gen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See <http://www.stacken.kth.se/~levitte/mail/> for more info. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
