[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: syncrepl, client certificate containing subjectAltName and non UTF-8 chars

To: Emmanuel Dreyfus <manu@netbsd.org>
Subject: Re: syncrepl, client certificate containing subjectAltName and non UTF-8 chars
From: Howard Chu <hyc@symas.com>
Date: Fri, 20 Jul 2007 11:06:52 -0700
Cc: openldap-software@openldap.org
In-reply-to: <1i1kffr.aafinyenthxwM%manu@netbsd.org>
References: <1i1kffr.aafinyenthxwM%manu@netbsd.org>
User-agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.9a7pre) Gecko/2007071806 SeaMonkey/2.0a1pre

Emmanuel Dreyfus wrote:

Howard Chu <hyc@symas.com> wrote:

 From what you've posted above, I'm pretty sure you're not using
"subjectAltName" correctly. It is not a component of the certificate's
subject, it is an X.509 certificate extension. Read the OpenSSL
documentation and fix your certificates.


A pointer to the good documentation? My favourite search engine does not
return obvious results for configuring subjectAltName with OpenSSL...


http://openssl.org/docs/apps/ca.html#
http://openssl.org/docs/apps/x509v3_config.html#
--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP     http://www.openldap.org/project/

Follow-Ups:
- Re: syncrepl, client certificate containing subjectAltName and non UTF-8 chars
  - From: Howard Chu <hyc@symas.com>

References:
- Re: syncrepl, client certificate containing subjectAltName and non UTF-8 chars
  - From: manu@netbsd.org (Emmanuel Dreyfus)

Prev by Date: Re: syncrepl, client certificate containing subjectAltName and non UTF-8 chars
Next by Date: Re: OpenLDAP restart required after password change
Index(es):
- Chronological
- Thread