UID in subj args - bug?
rgm at htt-consult.com
Thu Jul 6 15:45:57 UTC 2023
I think there is a bug....
I can provide the CSR and cert both in pem.
the CSR has:
Version: 1 (0x0)
Subject: C = US, ST = MI, L = Oak Park, O = HTT Consulting, UID
the cert that gets created has:
Version: 3 (0x2)
Signature Algorithm: ED25519
Issuer: C = US, ST = MI, L = Oak Park, O = HTT Consulting, CN =
Not Before: Aug 1 00:00:00 2023 GMT
Not After : Jul 31 00:00:00 2024 GMT
Subject: C = US, ST = MI, L = Oak Park, O = HTT Consulting
UID gets cut in the cert. I picked up the UID DN type from somewhere
back some years ago in ver 1.0.9, I think.
Is it supported or not?
And what about Initials? How is that put into the subject?
On 7/5/23 15:50, Robert Moskowitz wrote:
> I had picked up UID as a valid type in subj. I see it in:
> But when I have
> echo $DN
> /C=US/ST=MI/L=Oak Park/O=HTT Consulting/UID=rgm
> with -subj "$DN" my csr has:
> Subject: C = US, ST = MI, L = Oak Park, O = HTT Consulting,
> UID = rgm
> but the openssl ca command to make the certificate throws this back at
> me with:
> ERROR:There is already a certificate for /C=US/ST=MI/L=Oak Park/O=HTT
> The matching entry has the following details
> Type :Valid
> Expires on :240731000000Z
> Serial Number :6466A0D0B4ED8144
> File name :unknown
> Subject Name :/C=US/ST=MI/L=Oak Park/O=HTT Consulting
> And that cert does NOT have UID.
> It seems to be dropping the UID element?
> Also I see that "initials" is a valid type for subj. But I cannot
> find any example. Do I have
More information about the openssl-users