On Tue, Jun 25, 2002, Bernhard Reiter wrote: > Some CA add a crlDistributionPoints attribute for ldap. > I haven't found an obvious way to do this, because > of the comma seperating multivalue feature. > > crlDistributionPoints=URI:ldap//some.server/cn=Test-ZS1,o=x >x,c=de?certificateRevocationList > > fails: > 26922:error:2207507C:X509 V3 routines:v2i_GENERAL_NAME:missing value:v3_alt.c:391: > 26922:error:2206B080:X509 V3 routines:X509V3_EXT_conf:error in >extension:v3_conf.c:92:name=crlDistributionPoints, >value=URI:ldap//thetis.intevation.de/cn=Test-ZS1,o=x x?certificateRevocationList > > Is this a bug? > Openssl version 0.9.8 cvs from a couple of days ago.
Try using the @section syntax for this extension, for example: crlDistributionPoints=@crldp_section [crldp_section] URI=ldap//some.server/cn=Test-ZS1,o=x x,c=de?certificateRevocationList Steve. -- Dr. Stephen Henson [EMAIL PROTECTED] OpenSSL Project http://www.openssl.org/~steve/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
