Stephen Henson via RT wrote: >> [[email protected] - Mon May 17 14:42:14 2010]: >> >> Hi, >> I am trying to generate some client certificates for openvpn and I >> found openssl breaks with a cryptic message "TXT_DB error number 2" >> if I enter a _comma_ into the Organization Name string. >> >> First of all I do not understand why I get an error from openssl >> so late in the process (while signing of a broken request). Why was >> that broken string accepted during client.csr creation? Please >> compare the two approaches below. >> > > What are the build-req and sign-req scripts? They aren't part of > OpenSSL. There is nothing wrong with accepting commas in those fields.
They are a part of openvpn bundle and are shell scripts calling openssl, nothing fancy. Just download the sources and look for easy-rsa/ subdirectory. > > Do you get the same problem if you use the CA.pl script? Haven't tried. Martin ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
