Hello,
Can anyone help me in discerning which version of openssl supports sbgp-autonomousSysNum and sbgp-ipAddrBlock? If it has been deprecated then providing the alternative would be greatly appreciated.
A sample openssl.cnf is provided below. When I perform a request for req it fails because of the objects described above. The version of openssl I am using when attempting this req generation is version OpenSSL 1.0.2g 1 Mar 2016
[req] default_bits = 2048 default_md = sha256 distinguished_name = req_dn prompt = no encrypt_key = no [req_dn] CN = Testbed RPKI root certificate [x509v3_extensions] basicConstraints = critical,CA:true subjectKeyIdentifier = hash keyUsage = critical,keyCertSign,cRLSign subjectInfoAccess = @sia certificatePolicies = critical,1.3.6.1.5.5.7.14.2 sbgp-autonomousSysNum = critical,@rfc3779_asns sbgp-ipAddrBlock = critical,@rfc3997_addrs [sia] 1.3.6.1.5.5.7.48.5;URI = rsync://example.org/rpki/root/ 1.3.6.1.5.5.7.48.10;URI = rsync://example.org/rpki/root/root.mft [rfc3779_asns] AS.0 = 64496-64511 AS.1 = 65536-65551 [rfc3997_addrs] IPv4.0 = 192.0.2.0/24 IPv4.1 = 198.51.100.0/24 IPv4.2 = 203.0.113.0/24 IPv6.0 = 2001:0DB8::/32
Cheers,Freemon-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
