Re: Problems adding specific extensions to signed certificates

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Michael Leone <turgon@xxxxxxxxxxxxxx>, Sergio NNX <sfhacker@xxxxxxxxxxx>
Subject: Re: Problems adding specific extensions to signed certificates
From: "Salz, Rich via openssl-users" <openssl-users@xxxxxxxxxxx>
Date: Fri, 7 Feb 2020 16:16:30 +0000
Accept-language: en-US
Cc: "openssl-users@xxxxxxxxxxx" <openssl-users@xxxxxxxxxxx>
In-reply-to: <CAHBr++hv-XBVN6jHHsH3b5UFGdy+S1yJ1Gwo_PAnLjURD4SETw@mail.gmail.com>
References: <CAHBr++izZgqOJ8Z98YvF328tBaqhm5Vu17Q4Usg=BSsRJO3Kaw@mail.gmail.com> <20200206224509.GE49778@straasha.imrryr.org> <CAHBr++jT+L1rsRXahd7_4iXmWdNFAMpaww6yuFujbUu5XxVQoQ@mail.gmail.com> <DM5PR13MB13238E276C2DBEFB6F7F93ACCC1C0@DM5PR13MB1323.namprd13.prod.outlook.com> <CAHBr++hv-XBVN6jHHsH3b5UFGdy+S1yJ1Gwo_PAnLjURD4SETw@mail.gmail.com>
Reply-to: "Salz, Rich" <rsalz@xxxxxxxxxx>
User-agent: Microsoft-MacOutlook/10.22.0.200203

I think the mismatch is that CSR extensions are not carried over; they have to be added at signing time.
See https://github.com/openssl/openssl/issues/10458

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Follow-Ups:
- RE: Problems adding specific extensions to signed certificates
  - From: Michael Wojcik

References:
- Problems adding specific extensions to signed certificates
  - From: Michael Leone
- Re: Problems adding specific extensions to signed certificates
  - From: Viktor Dukhovni
- Re: Problems adding specific extensions to signed certificates
  - From: Michael Leone
- Re: Problems adding specific extensions to signed certificates
  - From: Sergio NNX
- Re: Problems adding specific extensions to signed certificates
  - From: Michael Leone

Prev by Date: Re: Problems adding specific extensions to signed certificates
Next by Date: RE: Problems adding specific extensions to signed certificates
Previous by thread: Re: Problems adding specific extensions to signed certificates
Next by thread: RE: Problems adding specific extensions to signed certificates
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Security] [Bugtraq] [Linux] [Linux OMAP] [Linux MIPS] [ECOS] [Asterisk Internet PBX] [Linux API]