hello everyone, I tried to add OID in objects.txt int his way X509 57 : DUID :DeviceUID and then compiled using these commands from objects folder [ /usr/local/src/openssl-1.0.0a/crypto/objects ].
#perl objects.pl objects.txt obj_mac.num obj_mac.h it displayed, Added OID DeviceUID #perl obj_dat.pl obj_mac.h obj_dat.h then after that i have seen my new OID got added in " obj_mac.num " I have again rebuild my openssl src from /usr/local/src/openssl-1.0.0a/ using ./configure , and make and restarted my openca , httpd . And followed " generate new CA request " to find my OID at the CA certificates signing request certificate.But i couldn't find it added under subject filed of certificate request. Please let me know where i did mistake. If you find thread related to this procedure please share that link to me. thanks alot, aparna hello everyone, I solved my problem.I did small mistake at prefix path.OID has been added. No problem now. thanks, aparna Dr. Stephen Henson wrote: > > On Wed, Jun 30, 2010, Mag wrote: > >> Thanks for the various replies. >> >> On Wed, Jun 30, 2010 at 4:26 AM, Dr. Stephen Henson <st...@openssl.org> >> wrote: >> > If you want an extension then you need to make use of the mini-ASN1 >> compiler >> > to add the appropriate fields. >> > >> > Note that if you add a new OID name in this way it only affects that >> instance >> > of OpenSSL: other applications and other instances of OpenSSL will >> still >> > display the numeric version of the OID and they wont display the fields >> of >> > an extension as they don't know how to parse and display it. >> >> Yes, I should've clarified this originally, I want to add extensions a >> la the "Extensions" type. I did try out the form of adding new OIDs to >> the distinguished name(s) and that seems to work ok, but can you >> elaborate on what you mean by using the mini-ASN.1 compiler to support >> new OIDs? >> >> As far as I can tell this refers to either generating an ASN.1 >> encoding via the "asn1parse -genstr ..." or the ASN1_gen_nconf() >> function. How are those intended to be integrated in creation of a >> certificate? Does this require programmatically constructing the >> certificates? > > See: > > http://www.openssl.org/docs/apps/x509v3_config.html#ARBITRARY_EXTENSIONS > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > > -- View this message in context: http://old.nabble.com/Adding-OIDs-tp29030174p34594102.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org