Hi Matt, Thanks a lot, Getting the same error for msUPN=1.3.6.1.4.1.311.20.2.3, I removed it as well is it by default in openssl as well ? btw, removing these 2, I can generate my certificate without problem -----Original Message----- From: openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx] On Behalf Of Matt Caswell Sent: 17 March 2020 14:10 To: openssl-users@xxxxxxxxxxx Subject: Re: AD with PKI authentication - issue on cert generation On 17/03/2020 12:33, Lionel Monchecourt wrote: > I already tried to replace > > scardLogin=1.3.6.1.4.1.311.20.2.2 > > with > > msSmartcardLogin=1.3.6.1.4.1.311.20.2.2 Try removing this line altogether. OpenSSL already has a built-in object of this name with this OID so it should not be necessary. Matt > > as I found in the thred but it doesn?t solve my issue. > > I can post in SSL forum but as it is Samba specific, I?m trying here > first as I guess I?m missing something basic ? > > > > Please note that I do not intend to use smartcard, but ONLY certificate, > if it can help > > Thanks ! > > > > Lionel > > > > > <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campai gn=sig-email&utm_content=emailclient> > Virus-free. www.avast.com > <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campai gn=sig-email&utm_content=emailclient> > > > <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> -- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
