[openssl-users] 802.1AR certificate generation and the config file
Robert Moskowitz
rgm at htt-consult.com
Fri Aug 11 17:57:23 UTC 2017
Frustrated...
On 08/11/2017 11:14 AM, Salz, Rich via openssl-users wrote:
>> My challenge comes to subjectAltName and its subfield
>> hardwareModuleName
>> per RFC 4108. I guess I am not 'getting' the subjectAltName section of
>> 'man x509v3_config'.
> Not all forms of SAN names are supported. If you look in include/openssl/x509v3.h you see the following:
> # define GEN_OTHERNAME 0
> # define GEN_EMAIL 1
> # define GEN_DNS 2
> # define GEN_X400 3
> # define GEN_DIRNAME 4
> # define GEN_EDIPARTY 5
> # define GEN_URI 6
> # define GEN_IPADD 7
> # define GEN_RID 8
I just spent over an hour googling around as well as reading openssl
docs to get a list of distinguished_name fields. Both in their full
form and abbreviated form. All I fined are the common ones in examples.
And for the list above for SAN, how are they presented in the openssl
cli/config. Again, just not finding it.
My search foo is weak.
pointers greatly appreciated.
Bob
More information about the openssl-users
mailing list