[openssl-users] Displaying subjectAtlName othername content
jb-openssl at wisemo.com
Mon Aug 14 20:00:13 UTC 2017
On 14/08/2017 21:38, Robert Moskowitz wrote:
> On 08/14/2017 03:28 PM, Jakob Bohm wrote:
>> On 14/08/2017 20:55, Robert Moskowitz wrote:
>>> On 08/14/2017 02:04 PM, Salz, Rich via openssl-users wrote:
>>>> ➢ Is there anyway to display the basic ASN.1 structure here so I can
>>>> what was stored in the cert?
>>>> openssl asn1parse
>>> Humpf. I looked at that a few times and did not see the obvious. Sigh.
>>> So some progress. using -i and got:
>>> 573:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Subject
>>> Alternative Name
>>> 578:d=5 hl=2 l= 29 prim: OCTET STRING [HEX
>>> Added -strparse 578 and got:
>>> 0:d=0 hl=2 l= 27 cons: SEQUENCE
>>> 2:d=1 hl=2 l= 25 cons: cont [ 0 ]
>>> 4:d=2 hl=2 l= 8 prim: OBJECT :184.108.40.206.220.127.116.11.4
>>> 14:d=2 hl=2 l= 13 cons: cont [ 0 ]
>>> 16:d=3 hl=2 l= 11 cons: SEQUENCE
>>> 18:d=4 hl=2 l= 3 prim: OBJECT :18.104.22.168
>>> 23:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:01020304
>>> Since I don't know that SubjectAltName content will always start at
>>> 578, I have to do the asn1parse in two steps.
>>> It is a start...
>> Try using dumpasn1.c by Peter Gutmann instead, it has nicer output and
>> automatically descends into these structures. However it requires that
>> you convert from Base64 to binary before calling it.
> And build your own version of openssl! I am too far behind on this and
> other work to invest more time building my own modules. Sigh.
> Thanks, though. Perhaps get to it later.
dumpasn1.c is a useful ready-to-use tool that just needs a trivial
compile from a single file to a program for your computer type. It has
saved me a lot of time over the years.
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
More information about the openssl-users