On Thu, Feb 27, 2003, Dhiva Muruganantham wrote: > I want have a certificate request with subject DN as > "CN=www.zty.net,OU=hosts,DC=sample,DC=org". > and also i want the DC component value as a IA5String. > By default the asn1parse shows me that the DC component values are > PRINTABLE. > > Is it possible with 0.9.7a ? If yes, what are the changes which i have > to do with the openssl.cnf???? > >
This is possible but not via openssl.cnf. It needs a source modification. The behaviour of DN components is governed by a table in crypto/asn1/a_strnid.c If a particular component is absent then it reverts to DirectoryString which wont use an IA5String at all. So the only solution is to add an appropriate value to this table or call the ASN1_STRING_table_add() function which I'm not sure has ever been tested... Since this is incorrect behaviour for this component I'll check in a fix which will appear in the next snapshots. Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.demon.co.uk/ Email: [EMAIL PROTECTED], PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
