openssl probably just doesn't recognize that OID. Here's what
phpseclib (the latest SVN) shows for that particular extension:
[8] => Array
(
[extnId] => id-ce-subjectAltName
[critical] =>
[extnValue] => Array
(
[0] => Array
(
[otherName] => Array
(
[type-id] => 1.3.6.1.4.1.311.20.2.3
[value] => t...@kontorlan.tag.no
)
)
)
)
Here's a link to phpsecllib: http://phpseclib.sourceforge.net/
On Tue, May 8, 2012 at 8:42 AM, Johansen Daniel
<daniel.johan...@evry.com> wrote:
> Certificate:
>
> -----BEGIN CERTIFICATE-----
> MIIGojCCBIqgAwIBAgIKHnnv5gAAAAABGDANBgkqhkiG9w0BAQUFADBdMQswCQYD
> VQQGEwJOTzEZMBcGA1UEChMQQ2FyZCBTZXJ2aWNlcyBBUzEzMDEGA1UEAxMqQ2Fy
> ZCBTZXJ2aWNlcyBBUyBPZmZpY2UgTmV0d29yayBJc3N1aW5nIENBMB4XDTEyMDUw
> ODEzMjcxMVoXDTEzMDUwODEzMjcwOFowaDEZMBcGCgmSJomT8ixkARkWCUtPTlRP
> UkxBTjETMBEGCgmSJomT8ixkARkWA1RBRzESMBAGCgmSJomT8ixkARkWAk5PMRIw
> EAYDVQQDEwlUZXN0IFVzZXIxDjAMBgNVBAMTBVVzZXJzMIGfMA0GCSqGSIb3DQEB
> AQUAA4GNADCBiQKBgQCsyZuf2vf3XgGlpG4AkB8IsmiojRLNVgfP65zLMfRyivrb
> 4BBXOwxg1E1rZ4WWemiGP/H8KRCjPAISW6/AjixujexHz63OgpB44jYJ+fOhqxr/
> sAMyNXgbcIbC9ar2ZBlzNTNwuoXmcU+VzOCKD8d2US3UGKRIO3LlIfeBQrzUwQID
> AQABo4IC2zCCAtcwCwYDVR0PBAQDAgWgMB0GA1UdDgQWBBT7C//fKrl8CQLNAWV5
> sH3iz0sndzAfBgNVHSMEGDAWgBSvF/J6mmW0u9nqsNb/PS3lHfBg9TCB2gYDVR0f
> BIHSMIHPMIHMoIHJoIHGhmFodHRwOi8vY2RwMS5jYXJkc2VydmljZXMubm8vY2Vy
> dGVucm9sbC9DYXJkJTIwU2VydmljZXMlMjBBUyUyME9mZmljZSUyME5ldHdvcmsl
> MjBJc3N1aW5nJTIwQ0EuY3JshmFodHRwOi8vY2RwMi5jYXJkc2VydmljZXMubm8v
> Y2VydGVucm9sbC9DYXJkJTIwU2VydmljZXMlMjBBUyUyME9mZmljZSUyME5ldHdv
> cmslMjBJc3N1aW5nJTIwQ0EuY3JsMIHuBggrBgEFBQcBAQSB4TCB3jBtBggrBgEF
> BQcwAoZhaHR0cDovL2NkcDEuY2FyZHNlcnZpY2VzLm5vL2NlcnRlbnJvbGwvQ2Fy
> ZCUyMFNlcnZpY2VzJTIwQVMlMjBPZmZpY2UlMjBOZXR3b3JrJTIwSXNzdWluZyUy
> MENBLmNydDBtBggrBgEFBQcwAoZhaHR0cDovL2NkcDIuY2FyZHNlcnZpY2VzLm5v
> L2NlcnRlbnJvbGwvQ2FyZCUyMFNlcnZpY2VzJTIwQVMlMjBPZmZpY2UlMjBOZXR3
> b3JrJTIwSXNzdWluZyUyMENBLmNydDA8BgkrBgEEAYI3FQcELzAtBiUrBgEEAYI3
> FQiCydAjheyUSbGZA4LhqDyDyvcrB4LjsHSHz+pYAgFkAgECMB8GA1UdJQQYMBYG
> CisGAQQBgjcUAgIGCCsGAQUFBwMCMCkGCSsGAQQBgjcVCgQcMBowDAYKKwYBBAGC
> NxQCAjAKBggrBgEFBQcDAjAwBgNVHREEKTAnoCUGCisGAQQBgjcUAgOgFwwVdGV1
> c0BLT05UT1JMQU4uVEFHLk5PMA0GCSqGSIb3DQEBBQUAA4ICAQCLI8HZO7W9YCh5
> ld2cms7WYRXaFHQRi8nrNib2n+XsKa20CeXEpvDhrWbDJhPq7qrLqgITmCE5gXqh
> y1LzYyLCKQFZbRPCE4BEI0zd8ZanjP3BOGMWpe9rqkqqvyvhCb/4ienZNSnFjfZm
> zhE4gEkIUDK1nUggxG/HkwkvZh5FBi+tQGofwNfNh3BgOVetOg6o9uFBjvpLoMNH
> gyhyQm+J40q1y6wERfY0vB/RSVxKyCK9Q6ksl/rjfOOWna9xrV68TLvgElQARCJJ
> +NEcdLm3fWleBP6115XFTMMAS+FgppBUvNU38WtLdg3NkWletU1weSmHUdA01Y6h
> i1c86PFywH7jplFkPYgcpKCLgf4VNwksMp0KzrZzZoXtO6doMMQxV9nJTdVycLnU
> Z6osCV0t5q+2wC83LY+guPhJCXKoru9Do4C/8C2dBFlvzrnHkfMqEJ842Gk83TS+
> nQjtgicG9qF+w4xwwF0DDsHXIoneCcToGYvLVwMZgLIEZe/qIuZfk2PWJxYcscRT
> weF7Q+ie8enS2GRkjHENwc0CjzFQsylqEief0faGf7ALgp/Jv+OUx2UT8mYA9zhq
> IIDKlTIFP/W+C8jmmF0Gb66vyUS2FBVrZqrbi6s1hlrPyfitu39Efsj9MVaTlk+e
> MECGZrbCHKff9zICH61TvwGu6F73tg==
> -----END CERTIFICATE-----
>
>
>
> Vennlig hilsen
> Daniel Bjørnådal Johansen
> IT Konsulent, ITO Card Services
> daniel.johan...@evry.com
> T +47 75 12 81 61 M +47 909 15 267
>
> -----Opprinnelig melding-----
> Fra: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
> På vegne av Thomas Anderson
> Sendt: 8. mai 2012 14:49
> Til: openssl-users@openssl.org
> Emne: Re: PHP openssl_x509_parse extensions=>subjectAltName
>
> Can you post the certificate in question?
>
> I'm a bit curious as to how phpseclib's File_X509 would parse it. eg.
>
> [?php]
> include('File/X509.php');
>
> $x509 = new File_X509();
> print_r$x509->loadX509($_SERVER['SSL_CLIENT_CERT']));
> [/?php]
>
> On Tue, May 8, 2012 at 7:01 AM, Johansen Daniel <daniel.johan...@evry.com>
> wrote:
>> [?php]
>> $x509 = openssl_x509_parse($_SERVER['SSL_CLIENT_CERT']);
>> $subjectAltName = $x509['extensions']['subjectAltName'];
>> [/?php]
>>
>> When parsing a x509 certificate and ['extensions']['subjectAltName']
>> contains a newline or space as shown below:
>>
>> othername:
>> Princpal name=t...@test.com
>>
>> The value in this case "Princpal name=t...@test.com" will not be shown.
>> $subjectAltName as shown in the code will display "othername:", and only
>> that.
>>
>> Expected result:
>> ----------------
>> echo $subjectAltName;
>> // Should print "othername: Princpal name=t...@test.com"
>>
>> Is this a bug or ignorance on my part ?
>> ______________________________________________________________________
>> OpenSSL Project http://www.openssl.org
>> User Support Mailing List openssl-users@openssl.org
>> Automated List Manager majord...@openssl.org
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majord...@openssl.org
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
