On Fri, Feb 21, 2003, Hadmut Danisch wrote: > On Fri, Feb 21, 2003 at 02:44:10PM +0100, Dr. Stephen Henson wrote: > > > in the first part (before any sections). Then add something like: > > [init_section] > > oid_section=asn1_oids > > [asn1_oids] > > whatever_oid=1.2.3.4 > > > > to then end of the config file. The objects added should then be visible to > > all applications of the 'openssl' utility. > > > Yup, it works. Thanks a lot. But I had to change the default > openssl.cnf. The req command has an option -config, while the > x509 command hasn't. Is there any way to use x509 with a different > config file? > >
OPENSSL_CONF environment variable is one way. > > > > There isn't a way to add arbitrary extension code to any released versions of > > OpenSSL other than by manually working out the encoding yourself and using the > > DER option. However in 0.9.8-dev there is a mini-ASN1 compiler so you can do > > things like: > > > I see. Any timeline for the release of 0.9.8? > No, nothing set. You can download snapshots of the development version though. Its also possible to use the 'asn1parse' command in 0.9.8 to generate the DER encoding of an extension and then use a hex dump of it with the DER option for earlier versions of OpenSSL. Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.demon.co.uk/ Email: [EMAIL PROTECTED], PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
