x509 cert contains subject in "hexa" code

Sun, 06 Mar 2011 13:59:00 -0800 

Hi,

I am using  openssl 0.9.8g and certtool (GnuTLS 2.4.2) 2.4.2
I am on Debien/Lenny.

I have generate a priv key for my CA, then a cert for this CA.
Next, I am signing csr using, this command :
/usr/bin/certtool --generate-certificate --load-request ${fqdn}.csr
--outfile ${fqdn}.scsr \
                    --load-ca-certificate /etc/ssl/cert/$(hostname
-f)_CA.pem --load-ca-privkey /etc/ssl/private/$(hostname -f)_CA.key \
                    --template ${fqdn}.info
with .info like this (example: www.ppprod.biz.info):
cn = www.ppprod.biz
country = FR
serial = 11
email = dbou...@ppprod.net
tls_www_client
tls_www_server
signing_key
encryption_key

All seems to be ok,
but when I am typing "openssl x509 -text -in www.ppprod.biz.scsr
-noout -subject"
I see
...
subject= 
/C=\xA8\xAE\x96\xBF\xD44/O=\xA8\xAE\x96\xBF\xD44/OU=\xA8\xAE\x96\xBF\xD44/L=\xA8\xAE\x96\xBF\xD44/ST=\xA8\xAE\x96\xBF\xD44/CN=\xA8\xAE\x96\xBF\xD44/UID=\xA8\xAE\x96\xBF\xD44

And then, when I am using the cert, verify failed. Example, with openvpn:
Sun Mar  6 22:55:17 2011 us=224040 VERIFY OK: depth=1, /C=FR/CN=www.ppprod.net
Sun Mar  6 22:55:17 2011 us=224503 VERIFY ERROR: could not extract
Common Name from X509 subject string
('/C=_xC8_x08_xE2_xBF_xD4_xB4U_x05_xB0_x08_xE2_xBF_xD0_xD5/O=_xC8_x08_xE2_xBF_xD4_xB4U_x05_xB0_x08_xE2_xBF_xD0_xD5/OU=_xC8_x08_xE2_xBF_xD4_xB4U_x05_xB0_x08_xE2_xBF_xD0_xD5/L=_xC8_x08_xE2_xBF_xD4_xB4U_x05_xB0_x08_xE2_xBF_xD0_xD5/ST=_xC8_x08_xE2_xBF_xD4_xB4U_x05_xB0_x08_xE2_xBF_xD0_xD5/CN=_xC8_x08_xE2_xBF_xD4_xB4U_x05_xB0_x08_xE2_xBF_xD0_xD5/UID=_xC8_x08_xE2_xBF_xD4_xB4U_x05_xB0_x08_xE2_xBF_xD0_xD5')
-- note that the Common Name length is limited to 64 characters
Sun Mar  6 22:55:17 2011 us=224589 TLS_ERROR: BIO read
tls_read_plaintext error: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Sun Mar  6 22:55:17 2011 us=224615 TLS Error: TLS object -> incoming
plaintext read error
Sun Mar  6 22:55:17 2011 us=224637 TLS Error: TLS handshake failed

How can I set a correct format for subject field ?
Thanks.

Dim
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to