[openssl-users] Displaying subjectAtlName othername content

Mon Aug 14 18:55:12 UTC 2017

On 08/14/2017 02:04 PM, Salz, Rich via openssl-users wrote:
> ➢ Is there anyway to display the basic ASN.1 structure here so I can see
>      what was stored in the cert?
>      
> openssl asn1parse

Humpf.  I looked at that a few times and did not see the obvious. Sigh.

So some progress.  using -i and got:

   573:d=5  hl=2 l=   3 prim:      OBJECT            :X509v3 Subject 
Alternative Name
   578:d=5  hl=2 l=  29 prim:      OCTET STRING      [HEX 
DUMP]:301BA01906082B06010505070804A00D300B06032A0304040401020304

Added -strparse 578 and got:

     0:d=0  hl=2 l=  27 cons: SEQUENCE
     2:d=1  hl=2 l=  25 cons:  cont [ 0 ]
     4:d=2  hl=2 l=   8 prim:   OBJECT            :1.3.6.1.5.5.7.8.4
    14:d=2  hl=2 l=  13 cons:   cont [ 0 ]
    16:d=3  hl=2 l=  11 cons:    SEQUENCE
    18:d=4  hl=2 l=   3 prim:     OBJECT            :1.2.3.4
    23:d=4  hl=2 l=   4 prim:     OCTET STRING      [HEX DUMP]:01020304

Since I don't know that SubjectAltName content will always start at 578, 
I have to do the asn1parse in two steps.

It is a start...

Again, Thanks

Bob