Hello.
When Openssl parses X.509 certeficate (in my case it was DER-encoded,
but I doubt that it is important), it expects 'PostalCode' in
'Subject' to be type of ASN1_PRINTABLE (aka PrintableString in terms
of RFC3280). But actually PostalCode is allowed to be two types --
PrintableString and NumericString. So when it is given X.509
certificate with PostalCode as NumericString, openssl fails with log
like
{{{
unable to load certificate
3664:error:0D07808C:asn1 encoding routines:ASN1_ITEM_EX_D2I:mstring
wrong tag:.\crypto\asn1\tasn_dec.c:228:Type=ASN1_PRINTABLE
3664:error:0D08303A:asn1 encoding
routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1
error:.\crypto\asn1\tasn_dec.c:750:Field=value, Type=X509_NAME_ENTRY
3664:error:0D08303A:asn1 encoding
routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1
error:.\crypto\asn1\tasn_dec.c:711:
3664:error:0D08303A:asn1 encoding
routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1
error:.\crypto\asn1\tasn_dec.c:711:
3664:error:0D08303A:asn1 encoding
routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1
error:.\crypto\asn1\tasn_dec.c:750:Field=subject, Type=X509_CINF
3664:error:0D08303A:asn1 encoding
routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1
error:.\crypto\asn1\tasn_dec.c:750:Field=cert_info, Type=X509
}}}
Tag for NumericString is 18 (0x12 in hex).
Thank you.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
