[openssl-dev] Creating requests and certificates with Subject Alternative Names
Angus Robertson - Magenta Systems Ltd
angus at magsys.co.uk
Fri Sep 22 15:09:00 UTC 2017
> I'm creating X509 certificate requests and certificates in code,
> trying to add X509v3 Subject Alternative Name, with 1.1.0f.
>
> But if I add a list of four domains, ie:
> The certificate seems to ignore some and repeat others:
To answer my own question, I was using ASN1_STRING_set0 instead of
ASN1_STRING_set and the original ANSI string was a temporary variable,
so got lost as a new string was added since it was not copied.
But there must be an easier way of adding SANs to certificates than
using undocumented GENERAL_NAME APIs.
Angus
More information about the openssl-dev
mailing list