Multi-valued RDN in Subject Alternative Name extension
Williams, Gareth
gareth at garethwilliams.me.uk
Thu Jun 18 07:12:21 UTC 2020
I can successfully add a multi-value RDN to the Subject of a
certificate request using the + format in the config file:
distinguished_name = req_dn
[ req_dn ]
O=Acme
CN=Bloggs
+C=GB
However, if I add a SAN to the request:
subjectAltName = @alt_names
[ alt_names ]
DNS = www.example.com
dirName = req_dn
the resulting request has them as separate RDNs (as if the + is not noticed).
That is, the resulting subject field is: O = Acme, C = GB + CN = Test
While the resulting SAN extension is: DNS:www.example.com,
DirName:/O=Acme/C=GB/CN=Test
Should multi-value RDNs work in the SAN too?
Kind regards,
Gareth Williams
More information about the openssl-users
mailing list