Re: [openssl-users] Creating multi-valued RDN with config (still not working)

Just following up... Sean On 6/18/2016 10:43 AM, Sean Leonard wrote: I am trying to create a multi-valued RDN with OpenSSL using a config file and the openssl req -x509 command, without success. According to the 2006 thread "Multi-value RDNs and openssl.cnf format" <http://op

[openssl-users] Creating multi-valued RDN with config (still not working)

I am trying to create a multi-valued RDN with OpenSSL using a config file and the openssl req -x509 command, without success. According to the 2006 thread "Multi-value RDNs and openssl.cnf format" , one is

Re: [openssl-users] pkcs12 how to have different key friendlyName?

On 2/13/2015 12:23 PM, Dr. Stephen Henson wrote: On Fri, Feb 13, 2015, Sean Leonard wrote: Using the openssl pkcs12 -export command, how can one specify a different friendlyName attribute for the private key? For example, consider the command: openssl pkcs12 -export -out pkcs12.p12 -name sean

[openssl-users] pkcs12 how to have different key friendlyName?

Using the openssl pkcs12 -export command, how can one specify a different friendlyName attribute for the private key? For example, consider the command: openssl pkcs12 -export -out pkcs12.p12 -name sean key 2015 -inkey key.txt -in user.crt -name sean user cert 2015 -certfile othercerts.txt

[openssl-users] pkcs12 is no encryption possible for certs?

Using the openssl pkcs12 -export command, is it possible to specify a -certpbe value that does not do encryption? Perhaps you only want integrity protection--you don't care whether the certificates are shrouded. The PKCS #12 standard seems to imply that certBags can be used as-is; however, all

Re: [openssl-users] pkcs12 is no encryption possible for certs?

On 2/13/2015 12:12 PM, Dr. Stephen Henson wrote: On Fri, Feb 13, 2015, Sean Leonard wrote: Using the openssl pkcs12 -export command, is it possible to specify a -certpbe value that does not do encryption? Perhaps you only want integrity protection--you don't care whether the certificates

Re: [openssl-users] pkcs12 how to have different key friendlyName?

On 2/13/2015 12:23 PM, Dr. Stephen Henson wrote: On Fri, Feb 13, 2015, Sean Leonard wrote: Using the openssl pkcs12 -export command, how can one specify a different friendlyName attribute for the private key? For example, consider the command: openssl pkcs12 -export -out pkcs12.p12 -name sean

Re: How to encode non-DirectoryStrings in DN? (x500UniqueIdentifier, postalAddress)

bump. Anyone? Does anyone know how to encode a distinguished name attribute as something other than a DirectoryString? Is it even possible with the command-line tools? -Sean On 11/15/2010 11:13 AM, Sean Leonard wrote: Hello, I would like to get OpenSSL 1.0.0 to encode distinguished name

How to encode non-DirectoryStrings in DN? (x500UniqueIdentifier, postalAddress)

Hello, I would like to get OpenSSL 1.0.0 to encode distinguished name attributes as things other than DirectoryString, using openssl req at the command line. The specific use cases are: x500UniqueIdentifier -- BIT STRING postalAddress -- PostalAddress ::= SEQUENCE OF DirectoryString