openssl probably just doesn't recognize that OID. Here's what phpseclib (the latest SVN) shows for that particular extension:
[8] => Array ( [extnId] => id-ce-subjectAltName [critical] => [extnValue] => Array ( [0] => Array ( [otherName] => Array ( [type-id] => 1.3.6.1.4.1.311.20.2.3 [value] => t...@kontorlan.tag.no ) ) ) ) Here's a link to phpsecllib: http://phpseclib.sourceforge.net/ On Tue, May 8, 2012 at 8:42 AM, Johansen Daniel <daniel.johan...@evry.com> wrote: > Certificate: > > -----BEGIN CERTIFICATE----- > MIIGojCCBIqgAwIBAgIKHnnv5gAAAAABGDANBgkqhkiG9w0BAQUFADBdMQswCQYD > VQQGEwJOTzEZMBcGA1UEChMQQ2FyZCBTZXJ2aWNlcyBBUzEzMDEGA1UEAxMqQ2Fy > ZCBTZXJ2aWNlcyBBUyBPZmZpY2UgTmV0d29yayBJc3N1aW5nIENBMB4XDTEyMDUw > ODEzMjcxMVoXDTEzMDUwODEzMjcwOFowaDEZMBcGCgmSJomT8ixkARkWCUtPTlRP > UkxBTjETMBEGCgmSJomT8ixkARkWA1RBRzESMBAGCgmSJomT8ixkARkWAk5PMRIw > EAYDVQQDEwlUZXN0IFVzZXIxDjAMBgNVBAMTBVVzZXJzMIGfMA0GCSqGSIb3DQEB > AQUAA4GNADCBiQKBgQCsyZuf2vf3XgGlpG4AkB8IsmiojRLNVgfP65zLMfRyivrb > 4BBXOwxg1E1rZ4WWemiGP/H8KRCjPAISW6/AjixujexHz63OgpB44jYJ+fOhqxr/ > sAMyNXgbcIbC9ar2ZBlzNTNwuoXmcU+VzOCKD8d2US3UGKRIO3LlIfeBQrzUwQID > AQABo4IC2zCCAtcwCwYDVR0PBAQDAgWgMB0GA1UdDgQWBBT7C//fKrl8CQLNAWV5 > sH3iz0sndzAfBgNVHSMEGDAWgBSvF/J6mmW0u9nqsNb/PS3lHfBg9TCB2gYDVR0f > BIHSMIHPMIHMoIHJoIHGhmFodHRwOi8vY2RwMS5jYXJkc2VydmljZXMubm8vY2Vy > dGVucm9sbC9DYXJkJTIwU2VydmljZXMlMjBBUyUyME9mZmljZSUyME5ldHdvcmsl > MjBJc3N1aW5nJTIwQ0EuY3JshmFodHRwOi8vY2RwMi5jYXJkc2VydmljZXMubm8v > Y2VydGVucm9sbC9DYXJkJTIwU2VydmljZXMlMjBBUyUyME9mZmljZSUyME5ldHdv > cmslMjBJc3N1aW5nJTIwQ0EuY3JsMIHuBggrBgEFBQcBAQSB4TCB3jBtBggrBgEF > BQcwAoZhaHR0cDovL2NkcDEuY2FyZHNlcnZpY2VzLm5vL2NlcnRlbnJvbGwvQ2Fy > ZCUyMFNlcnZpY2VzJTIwQVMlMjBPZmZpY2UlMjBOZXR3b3JrJTIwSXNzdWluZyUy > MENBLmNydDBtBggrBgEFBQcwAoZhaHR0cDovL2NkcDIuY2FyZHNlcnZpY2VzLm5v > L2NlcnRlbnJvbGwvQ2FyZCUyMFNlcnZpY2VzJTIwQVMlMjBPZmZpY2UlMjBOZXR3 > b3JrJTIwSXNzdWluZyUyMENBLmNydDA8BgkrBgEEAYI3FQcELzAtBiUrBgEEAYI3 > FQiCydAjheyUSbGZA4LhqDyDyvcrB4LjsHSHz+pYAgFkAgECMB8GA1UdJQQYMBYG > CisGAQQBgjcUAgIGCCsGAQUFBwMCMCkGCSsGAQQBgjcVCgQcMBowDAYKKwYBBAGC > NxQCAjAKBggrBgEFBQcDAjAwBgNVHREEKTAnoCUGCisGAQQBgjcUAgOgFwwVdGV1 > c0BLT05UT1JMQU4uVEFHLk5PMA0GCSqGSIb3DQEBBQUAA4ICAQCLI8HZO7W9YCh5 > ld2cms7WYRXaFHQRi8nrNib2n+XsKa20CeXEpvDhrWbDJhPq7qrLqgITmCE5gXqh > y1LzYyLCKQFZbRPCE4BEI0zd8ZanjP3BOGMWpe9rqkqqvyvhCb/4ienZNSnFjfZm > zhE4gEkIUDK1nUggxG/HkwkvZh5FBi+tQGofwNfNh3BgOVetOg6o9uFBjvpLoMNH > gyhyQm+J40q1y6wERfY0vB/RSVxKyCK9Q6ksl/rjfOOWna9xrV68TLvgElQARCJJ > +NEcdLm3fWleBP6115XFTMMAS+FgppBUvNU38WtLdg3NkWletU1weSmHUdA01Y6h > i1c86PFywH7jplFkPYgcpKCLgf4VNwksMp0KzrZzZoXtO6doMMQxV9nJTdVycLnU > Z6osCV0t5q+2wC83LY+guPhJCXKoru9Do4C/8C2dBFlvzrnHkfMqEJ842Gk83TS+ > nQjtgicG9qF+w4xwwF0DDsHXIoneCcToGYvLVwMZgLIEZe/qIuZfk2PWJxYcscRT > weF7Q+ie8enS2GRkjHENwc0CjzFQsylqEief0faGf7ALgp/Jv+OUx2UT8mYA9zhq > IIDKlTIFP/W+C8jmmF0Gb66vyUS2FBVrZqrbi6s1hlrPyfitu39Efsj9MVaTlk+e > MECGZrbCHKff9zICH61TvwGu6F73tg== > -----END CERTIFICATE----- > > > > Vennlig hilsen > Daniel Bjørnådal Johansen > IT Konsulent, ITO Card Services > daniel.johan...@evry.com > T +47 75 12 81 61 M +47 909 15 267 > > -----Opprinnelig melding----- > Fra: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] > På vegne av Thomas Anderson > Sendt: 8. mai 2012 14:49 > Til: openssl-users@openssl.org > Emne: Re: PHP openssl_x509_parse extensions=>subjectAltName > > Can you post the certificate in question? > > I'm a bit curious as to how phpseclib's File_X509 would parse it. eg. > > [?php] > include('File/X509.php'); > > $x509 = new File_X509(); > print_r$x509->loadX509($_SERVER['SSL_CLIENT_CERT'])); > [/?php] > > On Tue, May 8, 2012 at 7:01 AM, Johansen Daniel <daniel.johan...@evry.com> > wrote: >> [?php] >> $x509 = openssl_x509_parse($_SERVER['SSL_CLIENT_CERT']); >> $subjectAltName = $x509['extensions']['subjectAltName']; >> [/?php] >> >> When parsing a x509 certificate and ['extensions']['subjectAltName'] >> contains a newline or space as shown below: >> >> othername: >> Princpal name=t...@test.com >> >> The value in this case "Princpal name=t...@test.com" will not be shown. >> $subjectAltName as shown in the code will display "othername:", and only >> that. >> >> Expected result: >> ---------------- >> echo $subjectAltName; >> // Should print "othername: Princpal name=t...@test.com" >> >> Is this a bug or ignorance on my part ? >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-users@openssl.org >> Automated List Manager majord...@openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org