Hello,
Can anyone help me in discerning which version of openssl supports
sbgp-autonomousSysNum
and sbgp-ipAddrBlock? If it has been deprecated then providing the
alternative would be greatly appreciated.
A sample openssl.cnf is provided below. When I perform a request for req it
fails because
Hello,
Can anyone help me in discerning which version of openssl supports
sbgp-autonomousSysNum
and sbgp-ipAddrBlock? If it has been deprecated then providing the
alternative would be greatly appreciated.
A sample openssl.cnf is provided below. When I perform a request for req it
fails because
Hello,
Can anyone help me in discerning which version of openssl supports
sbgp-autonomousSysNum
and sbgp-ipAddrBlock? If it has been deprecated then providing the
alternative would be greatly appreciated.
A sample openssl.cnf is provided below. When I perform a request for req it
fails because
On 18 Jan 2014, at 4:09 AM, Graham Leggett minf...@sharp.fm wrote:
I am trying to load the name and value of an X509 extension programmatically
via the API (in other words, the openssl.cnf file isn't being used), and I am
struggling with openssl telling me that the tag doesn't exist
On Sat, Jan 18, 2014, Graham Leggett wrote:
Some more digging and I still can't find how openssl parses extensions.
Reverse engineering the code, it appears that ASN1_generate_v3() expects to
be passed a parameter string that is a name value pair separated with a
colon, which the string
On 18 Jan 2014, at 2:25 PM, Dr. Stephen Henson st...@openssl.org wrote:
Have a look at demos/x509/mkcert.c
I eventually found it was as simple as this:
*extension = X509V3_EXT_conf(NULL, NULL, (char *)name, (char *)val);
What threw me was whether it was ok to pass NULL or not (it is).
Hi all,
I am trying to load the name and value of an X509 extension programmatically
via the API (in other words, the openssl.cnf file isn't being used), and I am
struggling with openssl telling me that the tag doesn't exist.
The extension I want to load has the name keyUsage and value
Hi everybody,
is there an easy way to extract the certificate's issuer serialNumber
(that is the one in the X509v3 Authority Key Identifier extension)? At
the moment, I try to parse this extension using string methods, but I
could imagine that there is another way to do this. Am I right?
Thanks
On Wed, Apr 30, 2008, Carolin Latze wrote:
Hi everybody,
is there an easy way to extract the certificate's issuer serialNumber
(that is the one in the X509v3 Authority Key Identifier extension)? At
the moment, I try to parse this extension using string methods, but I
could imagine that
Hi everybody,
I have some problems with X509 extensions. First of all, what I want to do:
I want to define new extensions, simply some new extension fields that I
want to fill with values.
I thought, I just define them in an array:
struct entry ext_entries[3] =
{
Great thx again for you advice. If someone suffers the same problem
of retrieving the OCSP URI from a X509 my code can be found here.
char* get_OCSPlocation_from_X509(X509* cert, char** urls)
{
BIO* mem=NULL;
ACCESS_DESCRIPTION* ad=NULL;
STACK_OF(ACCESS_DESCRIPTION)*
Hallo,
is it possible (i know it is but not to me at the moment ): ), to
easily retrieve the OCSP URI from a X509 v3 certificate extension
list?
X509v3 extensions:
..
Authority Information Access:
OCSP: URI:http:http://ocsp.com
..
Would be great if you can help me with a tiny code
On Fri, Nov 24, 2006, Michael Stephan wrote:
Hallo,
is it possible (i know it is but not to me at the moment ): ), to
easily retrieve the OCSP URI from a X509 v3 certificate extension
list?
X509v3 extensions:
..
Authority Information Access:
OCSP: URI:http:http://ocsp.com
On Fri, Nov 17, 2006, Manivannan S - TLS, Chennai wrote:
Hi all,
I am working in an application which involves TLS connection. My
requirement is to read
subjectAltName from the client certificate received by the server, when
accepting TLS connection.
I
Hi all,
I am working in an application which involves TLS connection. My
requirement is to read
subjectAltName from the client certificate received by the server, when
accepting TLS connection.
I have generated CA certificate, client and server certificate
with
hi
i am using openssl toolkit and not custom source code to the following
operation :
- i have to add a custom attribute say :
CertVersionID ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
issuerNameHash OCTET STRING
issuerKeyHash OCTET STRING
hi
i am using openssl toolkit and not custom source code to the following
operation :
- i have to add a custom attribute say :
CertVersionID ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
issuerNameHash OCTET STRING
issuerKeyHash OCTET STRING
Per Dr. Henson's suggestion I've been writing some code for Apache mod_ssl in order to
determine the certificate class for our corporate PKI certs that have the Certificate
Policy attribute.
I've had some odd results and wanted to see if anyone can clarify for me.
I was unable to find the
On Wed, Jun 04, 2003, [EMAIL PROTECTED] wrote:
Per Dr. Henson's suggestion I've been writing some code for Apache mod_ssl
in order to determine the certificate class for our corporate PKI certs that
have the Certificate Policy attribute.
I've had some odd results and wanted to see if
)
[EMAIL PROTECTED]
-Original Message-
From: Dr. Stephen Henson [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 04, 2003 11:47 AM
To: [EMAIL PROTECTED]
Subject: Re: X509 Extension Parsing
On Wed, Jun 04, 2003, [EMAIL PROTECTED] wrote:
Per Dr. Henson's suggestion I've been writing
On Wed, Jun 04, 2003, [EMAIL PROTECTED] wrote:
Tried the following:
POLICYINFO *cp;
if ((cp = X509_get_ext_d2i(xs, NID_certificate_policies, NULL, NULL)) ==
NULL)
return NoCP;
And it does indeed return NULL and thus NoCP, even when
X509_get_ext_by_NID does return a valid
Hi,
I would like to add an extension to a X509 cert to carry the information
about the RSA key used (sshv1, sshv2, etc) to build the cert.
How could I include this information to let the peer search for the
right path ($HOME/.ssh/) and the right file to search for public key (identity.pub)?
Hi,
I use different type of RSA keys to build a X509 Cert,
so I would like to add an extension to the certificate to
establish what kinda of key peer is using.
How could I do that?
Thanks in advance
--
Davide D'Amico [EMAIL PROTECTED]
/(
PROTECTED]'
Subject: What's an rfc822Name, anyway? (was RE: How to add a new x509
extension?)
What's the format of an rfc822Name? Is it name@fqdn, or something else?
The X.509 doc doesn't seem to say.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent
24 matches
Mail list logo
