Hello, does anybody know what to write in the extension config to get thisX509v3 Name Constraints as the attached certificate (intel-ca.pem, intel-ca.text)?
Thanks. -- Greetings, Walter
-----BEGIN CERTIFICATE----- MIIJWTCCCEGgAwIBAgIQeRdKqRQXNv4Vp8qfLP9FiDANBgkqhkiG9w0BAQUFADBv MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF eHRlcm5hbCBDQSBSb290MB4XDTEzMDIwMTAwMDAwMFoXDTIwMDUzMDEwNDgzOFow UjELMAkGA1UEBhMCVVMxGjAYBgNVBAoTEUludGVsIENvcnBvcmF0aW9uMScwJQYD VQQDEx5JbnRlbCBFeHRlcm5hbCBCYXNpYyBQb2xpY3kgQ0EwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDCuISVQi3csKqYk5uz7IOhY8MXkiqBaTqagiht iM997G1mJhTojcR+8DCg3E8OQ3ZajByhxRkwlsR4Srl5sGSwWfF/XaAHGUhWIhjB kDO7toW+EMzI8pAjcLwIbRlIL0AFnUTe6Z0DcIS5406Y/9MKE2oKXbf4EbVBv88m SkA74Z+lZJWFNxXncx/9wq8UdyMY2vHN1Kir1/JbtrqB9wYRBjQtWSbAVZR8nTBP yRp4uvQTS2jOQh+jTUo1Y3O/o1xg/zRA4FEOUCla704OYRUkc8NuXHiPNNDcktr7 gO8E06NVQ6n6aBGaOJbSst2vHA7Eiog7A2PB4wKn+GDFf+FNAgMBAAGjggYMMIIG CDAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTvA73gJMtUGjAdBgNVHQ4EFgQUVjpv F6skDOW3MWSwEe3b6iO+XrwwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYB Af8CAQEwXgYDVR0lBFcwVQYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDAwYI KwYBBQUHAwQGCCsGAQUFBwMIBgorBgEEAYI3CgMEBgorBgEEAYI3CgMMBgkrBgEE AYI3FQUwFwYDVR0gBBAwDjAMBgoqhkiG+E0BBQFpMEkGA1UdHwRCMEAwPqA8oDqG OGh0dHA6Ly9jcmwudHJ1c3QtcHJvdmlkZXIuY29tL0FkZFRydXN0RXh0ZXJuYWxD QVJvb3QuY3JsMIHCBggrBgEFBQcBAQSBtTCBsjBEBggrBgEFBQcwAoY4aHR0cDov L2NydC50cnVzdC1wcm92aWRlci5jb20vQWRkVHJ1c3RFeHRlcm5hbENBUm9vdC5w N2MwPgYIKwYBBQUHMAKGMmh0dHA6Ly9jcnQudHJ1c3QtcHJvdmlkZXIuY29tL0Fk ZFRydXN0VVROU0dDQ0EuY3J0MCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC50cnVz dC1wcm92aWRlci5jb20wggQXBgNVHR4EggQOMIIECqCCA9QwC4EJaW50ZWwuY29t MAuCCWFwcHVwLmNvbTAOggxjbG91ZG5wby5vcmcwE4IRZWRhY2FkdG9vbGtpdC5v cmcwC4IJZnRsMTAuY29tMAuCCWloY21zLm5ldDAOggxpbmMtbmVzdC5uZXQwFoIU aW5kaWFlZHVzZXJ2aWNlcy5jb20wDYILaW50ZWwuY28uanAwDYILaW50ZWwuY28u a3IwDYILaW50ZWwuY28udWswC4IJaW50ZWwuY29tMAqCCGludGVsLmZyMAuCCWlu dGVsLm5ldDATghFpbnRlbGFsbGlhbmNlLmNvbTAUghJpbnRlbGFwYWNzdG9yZS5j b20wFoIUaW50ZWxhc3NldGZpbmRlci5jb20wGYIXaW50ZWxiZXR0ZXJ0b2dldGhl ci5jb20wFIISaW50ZWxjaGFsbGVuZ2UuY29tMBOCEWludGVsY2xvdWRzc28uY29t MB6CHGludGVsY29uc3VtZXJlbGVjdHJvbmljcy5jb20wEoIQaW50ZWxjb3JlMjAx MC5ydTAWghRpbnRlbGZlbGxvd3NoaXBzLmNvbTAWghRpbnRlbGh5YnJpZGNsb3Vk LmNvbTAUghJpbnRlbHBvcnRmb2xpby5jb20wDoIMaW50ZWwtcmEuY29tMBSCEmlu dGVsLXJlc2VhcmNoLm5ldDAUghJpbnRlbHJtYXN1cnZleS5jb20wGIIWaW50ZWxz bWFsbGJ1c2luZXNzLmNvbTARgg9teWludGVsZWRnZS5jb20wEYIPbXktbGFwdG9w LmNvLnVrMBKCEG9yaWdpbi1hcHB1cC5jb20wHoIcb3JpZ2luLWludGVncmF0aW9u LWFwcHVwLmNvbTAIggZwYy5jb20wFIIScGN0aGVmdGRlZmVuY2UuY29tMBSCEnBj dGhlZnRkZWZlbnNlLmNvbTAOggxwdmF0cmlhbC5uZXQwGYIXcmVkZWZpbmV5b3Vy bmV0d29yay5jb20wD4INcmV0YWlsLWlhLmNvbTAUghJzZXJ2ZXItaW5zaWdodC5j b20wE4IRdGhlaW50ZWxzdG9yZS5jb20wHYIbdGhyZWFkaW5nYnVpbGRpbmdibG9j a3Mub3JnMBuCGXRodW5kZXJib2x0dGVjaG5vbG9neS5uZXQwIIIedWx0cmFib29r LXNvZnR3YXJlLWNvbnRlc3QuY29tMFCkTjBMMQswCQYDVQQGEwJVUzELMAkGA1UE CBMCQ0ExFDASBgNVBAcTC1NhbnRhIENsYXJhMRowGAYDVQQKExFJbnRlbCBDb3Jw b3JhdGlvbqEwMAqHCAAAAAAAAAAAMCKHIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAMA0GCSqGSIb3DQEBBQUAA4IBAQBYb7/NQwdCE/y40K2BIfKKb++H vCaKfAC9aAwrGWQsEWezqdl5Cqw5XWUAFjtTRm6iprVnmdvov6IlrgSVEQk6L96s tz24vAF0MIBHSFRMoPtrqLiihLf0NOV7ztxSePQxbUJRroe/lKy+lhb7VeV5gmT9 rFA45NzLgSznd2+dmyNcfQQD9AeeftRX4maUTeu1XFxinowtg+ZGFOKhE4D92uCG JxGSK72HF0/LGRhLXozmDdmPfSN2b6T/oLo942031iY46BqcI5LIVh8aGo4A1jOm a5X6gh50Cw+kht8jM3yeNhSzXOKj7Uigjijx10z2wJu09Tyj5ahjoiwIpdX+ -----END CERTIFICATE-----
Certificate: Data: Version: 3 (0x2) Serial Number: 79:17:4a:a9:14:17:36:fe:15:a7:ca:9f:2c:ff:45:88 Signature Algorithm: sha1WithRSAEncryption Issuer: C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root Validity Not Before: Feb 1 00:00:00 2013 GMT Not After : May 30 10:48:38 2020 GMT Subject: C=US, O=Intel Corporation, CN=Intel External Basic Policy CA Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:c2:b8:84:95:42:2d:dc:b0:aa:98:93:9b:b3:ec: 83:a1:63:c3:17:92:2a:81:69:3a:9a:82:28:6d:88: cf:7d:ec:6d:66:26:14:e8:8d:c4:7e:f0:30:a0:dc: 4f:0e:43:76:5a:8c:1c:a1:c5:19:30:96:c4:78:4a: b9:79:b0:64:b0:59:f1:7f:5d:a0:07:19:48:56:22: 18:c1:90:33:bb:b6:85:be:10:cc:c8:f2:90:23:70: bc:08:6d:19:48:2f:40:05:9d:44:de:e9:9d:03:70: 84:b9:e3:4e:98:ff:d3:0a:13:6a:0a:5d:b7:f8:11: b5:41:bf:cf:26:4a:40:3b:e1:9f:a5:64:95:85:37: 15:e7:73:1f:fd:c2:af:14:77:23:18:da:f1:cd:d4: a8:ab:d7:f2:5b:b6:ba:81:f7:06:11:06:34:2d:59: 26:c0:55:94:7c:9d:30:4f:c9:1a:78:ba:f4:13:4b: 68:ce:42:1f:a3:4d:4a:35:63:73:bf:a3:5c:60:ff: 34:40:e0:51:0e:50:29:5a:ef:4e:0e:61:15:24:73: c3:6e:5c:78:8f:34:d0:dc:92:da:fb:80:ef:04:d3: a3:55:43:a9:fa:68:11:9a:38:96:d2:b2:dd:af:1c: 0e:c4:8a:88:3b:03:63:c1:e3:02:a7:f8:60:c5:7f: e1:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: keyid:AD:BD:98:7A:34:B4:26:F7:FA:C4:26:54:EF:03:BD:E0:24:CB:54:1A X509v3 Subject Key Identifier: 56:3A:6F:17:AB:24:0C:E5:B7:31:64:B0:11:ED:DB:EA:23:BE:5E:BC X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE, pathlen:1 X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication, Code Signing, E-mail Protection, Time Stamping, Microsoft Encrypted File System, 1.3.6.1.4.1.311.10.3.12, 1.3.6.1.4.1.311.21.5 X509v3 Certificate Policies: Policy: 1.2.840.113741.1.5.1.105 X509v3 CRL Distribution Points: Full Name: URI:http://crl.trust-provider.com/AddTrustExternalCARoot.crl Authority Information Access: CA Issuers - URI:http://crt.trust-provider.com/AddTrustExternalCARoot.p7c CA Issuers - URI:http://crt.trust-provider.com/AddTrustUTNSGCCA.crt OCSP - URI:http://ocsp.trust-provider.com X509v3 Name Constraints: Permitted: email:intel.com DNS:appup.com DNS:cloudnpo.org DNS:edacadtoolkit.org DNS:ftl10.com DNS:ihcms.net DNS:inc-nest.net DNS:indiaeduservices.com DNS:intel.co.jp DNS:intel.co.kr DNS:intel.co.uk DNS:intel.com DNS:intel.fr DNS:intel.net DNS:intelalliance.com DNS:intelapacstore.com DNS:intelassetfinder.com DNS:intelbettertogether.com DNS:intelchallenge.com DNS:intelcloudsso.com DNS:intelconsumerelectronics.com DNS:intelcore2010.ru DNS:intelfellowships.com DNS:intelhybridcloud.com DNS:intelportfolio.com DNS:intel-ra.com DNS:intel-research.net DNS:intelrmasurvey.com DNS:intelsmallbusiness.com DNS:myinteledge.com DNS:my-laptop.co.uk DNS:origin-appup.com DNS:origin-integration-appup.com DNS:pc.com DNS:pctheftdefence.com DNS:pctheftdefense.com DNS:pvatrial.net DNS:redefineyournetwork.com DNS:retail-ia.com DNS:server-insight.com DNS:theintelstore.com DNS:threadingbuildingblocks.org DNS:thunderbolttechnology.net DNS:ultrabook-software-contest.com DirName: C = US, ST = CA, L = Santa Clara, O = Intel Corporation Excluded: IP:0.0.0.0/0.0.0.0 IP:0:0:0:0:0:0:0:0/0:0:0:0:0:0:0:0 Signature Algorithm: sha1WithRSAEncryption 58:6f:bf:cd:43:07:42:13:fc:b8:d0:ad:81:21:f2:8a:6f:ef: 87:bc:26:8a:7c:00:bd:68:0c:2b:19:64:2c:11:67:b3:a9:d9: 79:0a:ac:39:5d:65:00:16:3b:53:46:6e:a2:a6:b5:67:99:db: e8:bf:a2:25:ae:04:95:11:09:3a:2f:de:ac:b7:3d:b8:bc:01: 74:30:80:47:48:54:4c:a0:fb:6b:a8:b8:a2:84:b7:f4:34:e5: 7b:ce:dc:52:78:f4:31:6d:42:51:ae:87:bf:94:ac:be:96:16: fb:55:e5:79:82:64:fd:ac:50:38:e4:dc:cb:81:2c:e7:77:6f: 9d:9b:23:5c:7d:04:03:f4:07:9e:7e:d4:57:e2:66:94:4d:eb: b5:5c:5c:62:9e:8c:2d:83:e6:46:14:e2:a1:13:80:fd:da:e0: 86:27:11:92:2b:bd:87:17:4f:cb:19:18:4b:5e:8c:e6:0d:d9: 8f:7d:23:76:6f:a4:ff:a0:ba:3d:e3:6d:37:d6:26:38:e8:1a: 9c:23:92:c8:56:1f:1a:1a:8e:00:d6:33:a6:6b:95:fa:82:1e: 74:0b:0f:a4:86:df:23:33:7c:9e:36:14:b3:5c:e2:a3:ed:48: a0:8e:28:f1:d7:4c:f6:c0:9b:b4:f5:3c:a3:e5:a8:63:a2:2c: 08:a5:d5:fe
smime.p7s
Description: S/MIME Cryptographic Signature