Re: [Openca-Users] new oid

Massimiliano Pala Wed, 01 Oct 2008 14:54:27 -0700

Hello Ali,

there should already be a Profile for a Domain Controller included with
OpenCA. Basically, if you want to provide your own profile (or 'role'),
just edit a new openssl config file for it and add it to the web-interface
configuration.


For adding a specific extension in the profile certificate, just add the
extensions config file into the etc/openssl/extfiles directory; you then
can put something like this:

# Certificate Template "DomainController" (bmp string)
subjectAltName=otherName:DER:ac:4b:29:06:aa:d6:5d:4f:a9:9c:4c:bc:b0:6a:65:d9,
               URI:http://www.openca.org

I have not tried it directly, but it should work.

Later,
Max
        

Ali Reza Karbasian wrote:

hi !
i want to use a domain controller certificate for a windows domain but i must have other name in subject alternative name with oid 1.3.6.1.4.1.311.25.1 according to http://support.microsoft.com/kb/291010 how should i add this attribute to my system ? what changes should i do in openssl extension files of domain controller ?
------------------------------------------------------------------------

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/


------------------------------------------------------------------------

_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users



--

Best Regards,

        Massimiliano Pala

--o------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager]  [EMAIL PROTECTED]
                                                 [EMAIL PROTECTED]

Dartmouth Computer Science Dept               Home Phone: +1 (603) 369-9332
PKI/Trust Laboratory                          Work Phone: +1 (603) 646-9179
--o------------------------------------------------------------------------

smime.p7s
Description: S/MIME Cryptographic Signature

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/

_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] new oid

Reply via email to