[openssl-users] Displaying subjectAtlName othername content
rgm at htt-consult.com
Mon Aug 14 19:38:20 UTC 2017
On 08/14/2017 03:28 PM, Jakob Bohm wrote:
> On 14/08/2017 20:55, Robert Moskowitz wrote:
>> On 08/14/2017 02:04 PM, Salz, Rich via openssl-users wrote:
>>> ➢ Is there anyway to display the basic ASN.1 structure here so I can
>>> what was stored in the cert?
>>> openssl asn1parse
>> Humpf. I looked at that a few times and did not see the obvious. Sigh.
>> So some progress. using -i and got:
>> 573:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Subject
>> Alternative Name
>> 578:d=5 hl=2 l= 29 prim: OCTET STRING [HEX
>> Added -strparse 578 and got:
>> 0:d=0 hl=2 l= 27 cons: SEQUENCE
>> 2:d=1 hl=2 l= 25 cons: cont [ 0 ]
>> 4:d=2 hl=2 l= 8 prim: OBJECT :220.127.116.11.18.104.22.168.4
>> 14:d=2 hl=2 l= 13 cons: cont [ 0 ]
>> 16:d=3 hl=2 l= 11 cons: SEQUENCE
>> 18:d=4 hl=2 l= 3 prim: OBJECT :22.214.171.124
>> 23:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:01020304
>> Since I don't know that SubjectAltName content will always start at
>> 578, I have to do the asn1parse in two steps.
>> It is a start...
> Try using dumpasn1.c by Peter Gutmann instead, it has nicer output and
> automatically descends into these structures. However it requires that
> you convert from Base64 to binary before calling it.
And build your own version of openssl! I am too far behind on this and
other work to invest more time building my own modules. Sigh.
Thanks, though. Perhaps get to it later.
More information about the openssl-users