Hans Werner Strube wrote: > > Hi, > when an alias is added to an x509 certificate by -setalias, this works if > the output is in PEM format but is ignored in DER format. When a PEM > certificate containing an alias is later converted to DER, the alias is > stripped. Is this normal or a bug? >
Its expected behaviour. There wasn't any standard format I could see for packaging a certificate and additional auxilliary information needed so I made one up with some different PEM headers. Not supporting this in DER format is largely to avoid interop problems: nothing other than OpenSSL would be able to interpret it. Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Gemplus: http://www.gemplus.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
