On Tue, Sep 03, 2002, Aditya wrote: > hi list, > > this is my first post so please bear with me > > > a little background info first > we are working on a internal CA project and we are facing some problem ( any > help would be highly appreceated ) > we are using this > $openssl version > OpenSSL 0.9.6c 21 dec 2001 > > we need to add the following purpose in the cert that will generated for > some users - admins how do i add them > the present line is already as below in openssl.cnf for this policy > > did a google search and came up with these keywords / oids please correct me > if i am wrong > > and please can some one fill in the missing one to complete the list --- we > can put this up on some website for newbies like me > > extendedKeyUsage = msSGC, nsSGC, ClientAuth > > > > 1.3.6.1.5.5.7.3.2 ClientAuth - > Proves your identity to a remote computer > 1.3.6.1.4.1.311.10.3.4 encryptedFileSystemMS - Allows > data on disk to be encrypted > 1.3.6.1.5.5.7.3.8 TimeStamping - Allows data to be signed with the > current time > Allows secure > communication on the Internet > Allows strong > encryption for online transactions/communications > Allows you to > digitally sign a certificate trust list > Digital Rights > Embedded Windows > System Component Verification > 1.3.6.1.5.5.7.3.3 CodeSigning - Ensures software came from > software publisher > 1.3.6.1.5.5.7.3.1 ServerAuth - Ensures the identity of a remote > computer > File Recovery > Key Pack > Licenses > License Server > Verification > OEM Windows > System Component Verification > 1.3.6.1.5.5.7.3.4 EmailProtection - Protects e-mail messages > Protects > software from alteration after publication > Smart Card Logon > Windows Hardware > Driver Verification > Windows System > Component Verification > 1.3.6.1.5.5.7.3.5 IpsecEndSystem > 1.3.6.1.5.5.7.3.6 IpsecTunnel > 1.3.6.1.5.5.7.3.7 IpsecUser > 1.3.6.1.5.5.7.3.9 OCSPSigning > 1.3.6.1.4.1.311.10.3.3 msSGC serverGatedCryptoMS > 2.16.840.1.113730.4.1 nsSGC serverGatedCryptoNS > , > > > > thanks in advance and please hurry working under a deadline - 5/9/2002 >
Its not at all apparent from your message what you are trying to do. If you want to add some purposes which aren't already in OpenSSL then you can add the necessary OIDs to openssl.cnf, see the oid_section docs. Steve. -- Dr. Stephen Henson [EMAIL PROTECTED] OpenSSL Project http://www.openssl.org/~steve/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
