Hello,
I'm working on some scripts to enable users to request certs.
For this purpose I've made a patch to the openssl req command,
which enables the scripts to extract the subject DN and hash
value (like in openssl x509 -subject -hash ...).
In case this is of any interest for the public, I'm att
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Svenning Sørensen
> Sent: Friday, June 23, 2000 4:38 PM
> To: [EMAIL PROTECTED]
> Subject: Subject DN and hash output from openssl req
Argh! Having received my own mail from the li
I'm really sorry bothering you again, but I realized that my previous
patch was a bit clumsy. Mostly because it wasn't consistent with the
way "openssl x509" and "openssl crl" prints the DN hash value, so it
didn't fit too well into the convention of making symlink names based
on the hash (I have
Yep, I posted a patch on this list a couple of months ago.
See http://www.mail-archive.com/openssl-dev@openssl.org/msg05728.html
This adds a -subject option (to print the subject DN), and a -hash option to
print the hash value of the DN, which could be used to construct the
filename for the reque
You wrote:
> > Has anyone added a "-dn" flag to the req command? This would
> > make it much
> > easier to write scripts that generate lots of requests.
> (Okay, maybe
> > not a lot easier, since I could set up a config file that
> > pointed to the
> > environment, and then set env-vars, but that
Steve wrote:
> > 2. Problem with ASN1_INTEGER_to_BN
> >
> > In OpenSSL there is following code:
> >
> > BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai, BIGNUM *bn)
> > {
> > BIGNUM *ret;
> >
> > if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
> > ASN1err(ASN1_F_ASN1_INTEGER_TO