Hi!

I'm making a csr using the Java tool keytool, I am then going to sign it
with the OpenSSL CA-functionality, but I can't. Here is what I get when I
try to do so (sign.sh is a script I found with mod_ssl to sign certificates,
but I don't think that's the problem):

$ sign.sh Client.csr
CA signing: Client.csr -> Client.crt:
Using configuration from ca.config
Enter PEM pass phrase:
Check that the request matches the signature
Signature ok
The Subjects Distinguished Name is as follows
countryName           :PRINTABLE:'NO'
stateOrProvinceName   :PRINTABLE:'Hordaland'
localityName          :PRINTABLE:'Bergen'
organizationName      :PRINTABLE:'EDB Fellesdata'
organizationalUnitName:PRINTABLE:'
The string contains characters that are illegal for the ASN.1 type
CA verifying: Client.crt <-> CA cert
Client.crt: unable to load certificate file
38758:error:0906D06C:PEM routines:PEM_read_bio:no start
line:pem_lib.c:662:Expecting: CERTIFICATE

As I understand it, there is some character in the organizationalUnitName
that is not supported. This field has the value "Sikkerhet og arkitektur".
I've tried to make the request from scratch, with the same result, so it's
not likely I've put in some control character by mistake. Does anyone know
what could be wrong?

Hope someone does,

Chrisitan Rygg
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to