Thanks for the response, Rich.
On 08/11/2017 11:14 AM, Salz, Rich via openssl-users wrote:
My challenge comes to subjectAltName and its subfield
hardwareModuleName
per RFC 4108. I guess I am not 'getting' the subjectAltName section of
'man x509v3_config'.
Not all forms of SAN names are supported. If you look in include/openssl/x509v3.h you see the following:
# define GEN_OTHERNAME 0
# define GEN_EMAIL 1
# define GEN_DNS 2
# define GEN_X400 3
# define GEN_DIRNAME 4
# define GEN_EDIPARTY 5
# define GEN_URI 6
# define GEN_IPADD 7
# define GEN_RID 8
crypto/x509v3/v3_alt.c you can find details and corner-case information.
A couple things. As we have discussed directly, I am not a coder;
haven't coded since working with 'B' on Honeywells in the mid-80s. So
looking at 'C' code is a bit of a struggle. That said,
Given these supported names, what goes into the config file to create a
SAN without having to specify it on the command line?
And further it seems you are saying there is no support for HMN at all.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
