[openssl-dev] Netscape Comment Tag Value
Kurt Cancemi
kurt at x64architecture.com
Fri Jan 27 12:14:00 UTC 2017
OpenSSL is correct to expect the extension as an IA5STRING. The
netscape-comment extension is defined with the OID
2.16.840.1.113730.1.13 and should be an IA5STRING.
Some references (It's not in any RFC afaik):
https://docs.oracle.com/cd/E19957-01/816-5533-10/ext.htm#1043093
https://msdn.microsoft.com/en-us/library/windows/desktop/aa378149(v=vs.85).aspx
--
Kurt Cancemi
https://www.x64architecture.com
On Fri, Jan 27, 2017 at 12:13 AM, Rod Falck <R.Falck at comforte.com> wrote:
> Hi,
>
>
>
> I have an OpenSSL based client which fails when validating a certificate
> generated by IBM RACF. It fails because the ASN.1 tag for the X509v3
> extension Netscape Comment is 19 (V_ASN1_PRINTABLESTRING) and OpenSSL is
> expecting 22 (V_ASN1_IA5STRING). Is this a bug in OpenSSL or RACF? Can
> anyone point me to the RFC, or any document, that specifies the expected tag
> value?
>
>
>
> Rod.
>
> --
>
> Rod Falck. Software Architect. comForte Pty Ltd.
>
More information about the openssl-dev
mailing list