On Thu, May 12, 2005, pana wrote: > Hi All, > > I want add custom extension to my certificate and I try to insert the > oid in [new_oids] section and the extension in the [v3_ca] section. > That's ok. > I want define my custom extension as a string which I can write when I > create the certficate. > How can I do? Do I need write C code or I only need to modify the openssl.cnf? > I read the x509v3_config(5) manual section but I didn't find the solution. > Someone can help me? >
Depends on what you want to do with the string. If its a human readable string then you can use UTF8String as the string type. If its binary data with no clear structre you can use an OCTETSTRING if it is structured you might want something more elaborate. You can generate almost arbitrary structures using the mini-ASN1 compiler in OpenSSL 0.9.8-dev but when you want to parse, display and interpret more complex forms then you might want to add a custom extension. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
