[openssl-users] 802.1AR certificate generation and the config file
Salz, Rich
rsalz at akamai.com
Fri Aug 11 15:14:42 UTC 2017
> My challenge comes to subjectAltName and its subfield
> hardwareModuleName
> per RFC 4108. I guess I am not 'getting' the subjectAltName section of
> 'man x509v3_config'.
Not all forms of SAN names are supported. If you look in include/openssl/x509v3.h you see the following:
# define GEN_OTHERNAME 0
# define GEN_EMAIL 1
# define GEN_DNS 2
# define GEN_X400 3
# define GEN_DIRNAME 4
# define GEN_EDIPARTY 5
# define GEN_URI 6
# define GEN_IPADD 7
# define GEN_RID 8
crypto/x509v3/v3_alt.c you can find details and corner-case information.
More information about the openssl-users
mailing list