1.OU or OU.1 ?

Dirk-Willem van Gulik dirkx at webweaving.org
Fri Mar 20 21:26:13 UTC 2020



> On 20 Mar 2020, at 22:12, Salz, Rich via openssl-users <openssl-users at openssl.org> wrote:
> 
> The doc/man5/config.pod file says to use
>                 1.OU = “My first OU”
>                 2.OU = “My second OU”
>  
> But doc/man5/x509v3_config.pod says to append the numeric, as in
>                 email.1 = steve at here
>                 email.2 = steve at there
>  
> I believe the second form is correct.  Can anyone confirm?

AFAIK: Either simply like (e.g. in an extension file):

	 subjectAltName=email:foo at x,email:bar at x

or more listed like your second form:

	[ v3_req ]
	subjectAltName = @extrabits

	[ extrabits ]
	email.1=foo
	email.2=foo

or straight (ordered) directly:

	openssl req -x509 -subj /CN=foo/CN=bar -keyout /dev/null -nodes| openssl x509 -noout -subject  

Dw.





More information about the openssl-users mailing list