I'm creating X509 certificate requests and certificates in code, trying to add X509v3 Subject Alternative Name, with 1.1.0f. But if I add a list of four domains, ie: www1.mydomain www2.mydomain www3.mydomain www4.mydomain The certificate seems to ignore some and repeat others: X509v3 Subject Alternative Name: DNS:www3.mydomain, DNS:www4.mydomain, DNS:www3.mydomain, DNS:www4.mydomain Finding documentation for SANs in OpenSSL is very hard, there don't seem to be high level APIs to create extension content stacks. The best I found is set_altname in v3nametest.c which builds a stack of GENERAL_NAMES and adds it using X509_add1_ext_i2d. I must be something correct since it half works, but no idea why the data is corrupted. To complicate matters, I'm not writing in C, but using Delphi pascal, so all the OpenSSL APIs and macros have been converted to Delphi, which does potentially cause errors in translation. This is an open source Delphi interface to OpenSSL. Angus -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
