On Sat, May 14, 2011 at 12:55:44PM +0400, A.B.COKO/\OB wrote:
> > For example:
> > subjectAltName=URI:ldap://somehost.com/CN=foo,OU=bar
> > will produce an error but the equivalent form:
> > subjectAltName=@subject_alt_section
> > [subject_alt_section]
> > subjectAltName=URI:ldap://somehost.com/CN=foo,OU=bar
This is not the right syntax, for example with DNS names:
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = a.example.com
DNS.2 = b.example.com
DNS.3 = c.example.com
So your [ alt_section ] needs to be a list of
<type>.<instance_number> = value
lines. Where <type> is a valid subject altname type, and <instance_number>
is an integer counter that starts at (and increments by) 1 for each type.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
