Re: error: ASN1_mbstring_ncopy:illegal characters

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, Apr 11, 2023 at 11:40:10PM +1000, raf via openssl-users wrote:

> I'm trying to create a CSR for an SMIME certificate for
> an email address with non-ASCII characters (localpart
> and domain), and I'm getting this error after entering
> äbç@être.org as the email address:

You can't do that with rfc822Name, its syntax is by definition
restricted to printable ASCII (IA5String):

    https://datatracker.ietf.org/doc/html/rfc5280#page-38

        GeneralName ::= CHOICE {
                otherName                       [0]     OtherName,
                rfc822Name                      [1]     IA5String,
                dNSName                         [2]     IA5String,
                x400Address                     [3]     ORAddress,
                directoryName                   [4]     Name,
                ediPartyName                    [5]     EDIPartyName,
                uniformResourceIdentifier       [6]     IA5String,
                iPAddress                       [7]     OCTET STRING,
                registeredID                    [8]     OBJECT IDENTIFIER }

       OtherName ::= SEQUENCE {
            type-id    OBJECT IDENTIFIER,
            value      [0] EXPLICIT ANY DEFINED BY type-id }

To create certificates for non-ASCII email addresses you need:

    https://datatracker.ietf.org/doc/html/rfc8398#section-3

        id-on-SmtpUTF8Mailbox OBJECT IDENTIFIER ::= { id-on 9 }
        SmtpUTF8Mailbox ::= UTF8String (SIZE (1..MAX))

-- 
    Viktor.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux