[openssl-users] OpenSSL LogoType extension ASN1 encoding
valentin.bud at gmail.com
Sun Jan 18 10:13:08 UTC 2015
I am trying to add the logotype extension to certificates under
a private CA I am taking care of. The CA is built using OpenVPN's
Easy-RSA 3 tool, though I think that doesn't matter in this
I have some questions regarding this matter. Before digging into
details I will tell you the problem I want to solve. I have multiple
Searching the Internet I have found an E-Mail from November 2010 .
Based on that information I have reached to the following snippet
22.214.171.124.126.96.36.199.12 = ASN1:SEQUENCE:logotype_ext
capabilityID = OID:sha1
parameter = NULL
I receive the following error when I try to issue a certificate using
The same when I use the easyrsa wrapper script.
$ openssl ca -in 10.req -out 10.crt -config openssl-1.0.cnf -extfile exts
-days 3650 -batch
Using configuration from openssl-1.0.cnf
Check that the request matches the signature
The Subject's Distinguished Name is as follows
organizationName :ASN.1 12:'10'
organizationalUnitName:ASN.1 12:'Cortex AG Trust Network'
organizationalUnitName:ASN.1 12:'(c) Cortex AG - For authorized use only!'
commonName :ASN.1 12:'Cortex AG Root Certification Authority'
ERROR: adding extensions in section default
6987:error:22074074:X509 V3 routines:V3_GENERIC_EXTENSION:extension value
I have tried changing SEQWRAP with SEQUENCE and also variations I have
found in . None of them worked.
Can someone please tell me what am I doing wrong. Also I have a couple of
logos I want to add to the certificate. How would I encode that in
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users