On 18/03/2020 11:35, Lionel Monchecourt wrote: > Hi Matt, > Thanks a lot, > Getting the same error for > msUPN=1.3.6.1.4.1.311.20.2.3, I removed it as well > is it by default in openssl as well ? > btw, removing these 2, I can generate my certificate without problem Yes - it exists so removing it should be fine. Matt > > -----Original Message----- > From: openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx] On Behalf Of > Matt Caswell > Sent: 17 March 2020 14:10 > To: openssl-users@xxxxxxxxxxx > Subject: Re: AD with PKI authentication - issue on cert generation > > > > On 17/03/2020 12:33, Lionel Monchecourt wrote: > >> I already tried to replace >> >> scardLogin=1.3.6.1.4.1.311.20.2.2 >> >> with >> >> msSmartcardLogin=1.3.6.1.4.1.311.20.2.2 > > Try removing this line altogether. OpenSSL already has a built-in object > of this name with this OID so it should not be necessary. > > Matt > >> >> as I found in the thred but it doesn’t solve my issue. >> >> I can post in SSL forum but as it is Samba specific, I’m trying here >> first as I guess I’m missing something basic ? >> >> >> >> Please note that I do not intend to use smartcard, but ONLY certificate, >> if it can help >> >> Thanks ! >> >> >> >> Lionel >> >> >> >> >> > <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campai > gn=sig-email&utm_content=emailclient> >> Virus-free. www.avast.com >> > <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campai > gn=sig-email&utm_content=emailclient> >> >> >> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> > >
