Hi,
Thanks for the reply ...
We're using the Eric Young OpenSSL library 0.9.7c available on the openssl.org site ... they don't have the version 0.9.8 implementation
snapshots of 0.9.8-dev are available at: ftp://ftp.openssl.org/snapshot/ (openssl-SNAP-$DATE.tar.gz)
... its a bit late in our project to switch to another implementation ... could i get a patch or something to make this thing work ?
in case the DNS doesn't change to offer you could try "2.5.29.17=DER:..." (see openssl.txt)
2.5.29.17=DER:30:32:A0:1F:06:09:2B:06:01:04:01:82:37:19:01:A0:\ 12:04:10:01:02:03:04:05:06:07:08:09:10:11:12:13:14:15:16:82:0F:\ 64:6E:73:2E:73:6F:6D:65:68:6F:73:74:2E:64:65
creates the same extension as
[ altname_sec ] otherName=1.3.6.1.4.1.311.25.1;FORMAT:HEX,OCT:01020304050607080910111213141516 DNS=dns.somehost.de
You can get the DER encoding the subAltName extension from 0.9.8-dev :)
Nils
______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
