On 08/14/2017 03:28 PM, Jakob Bohm wrote:
On 14/08/2017 20:55, Robert Moskowitz wrote:
On 08/14/2017 02:04 PM, Salz, Rich via openssl-users wrote:
➢ Is there anyway to display the basic ASN.1 structure here so I can
see
what was stored in the cert?
openssl asn1parse
Humpf. I looked at that a few times and did not see the obvious. Sigh.
So some progress. using -i and got:
573:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Subject
Alternative Name
578:d=5 hl=2 l= 29 prim: OCTET STRING [HEX
DUMP]:301BA01906082B06010505070804A00D300B06032A0304040401020304
Added -strparse 578 and got:
0:d=0 hl=2 l= 27 cons: SEQUENCE
2:d=1 hl=2 l= 25 cons: cont [ 0 ]
4:d=2 hl=2 l= 8 prim: OBJECT :1.3.6.1.5.5.7.8.4
14:d=2 hl=2 l= 13 cons: cont [ 0 ]
16:d=3 hl=2 l= 11 cons: SEQUENCE
18:d=4 hl=2 l= 3 prim: OBJECT :1.2.3.4
23:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:01020304
Since I don't know that SubjectAltName content will always start at
578, I have to do the asn1parse in two steps.
It is a start...
Try using dumpasn1.c by Peter Gutmann instead, it has nicer output and
automatically descends into these structures. However it requires that
you convert from Base64 to binary before calling it.
And build your own version of openssl! I am too far behind on this and
other work to invest more time building my own modules. Sigh.
Thanks, though. Perhaps get to it later.
Bob
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users