Hi Stephen. Thank you very much for your help. I will inform the owner of the certificate.
Best Regards Gerd Wetzel > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Dr. > Stephen Henson > Sent: Tuesday, August 15, 2006 6:49 PM > To: [email protected] > Subject: Re: How to display X509 certificate? > > On Tue, Aug 15, 2006, [EMAIL PROTECTED] wrote: > > > Hi, > > > > this is what I get with > > > > openssl x509 -certopt ext_error -text -noout -in .... > > > > > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > ++++++++++++++ > > X509v3 Key Usage: > > Digital Signature, Key Encipherment > > 1.3.6.1.4.1.311.21.7: > > <Not Supported> > > X509v3 Extended Key Usage: > > TLS Web Server Authentication, TLS Web > Client Authentication > > X509v3 Certificate Policies: > > <Parse Error> > > 1.3.6.1.4.1.311.21.10: > > <Not Supported> > > Signature Algorithm: sha1WithRSAEncryption > > > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > ++++++++++++++ > > > > > 0:d=0 hl=2 l= 116 cons: SEQUENCE > 2:d=1 hl=2 l= 114 cons: SEQUENCE > 4:d=2 hl=2 l= 12 prim: OBJECT > :1.3.6.1.4.1.2916.3.6.509.1 > 18:d=2 hl=2 l= 98 cons: SEQUENCE > 20:d=3 hl=2 l= 96 cons: SEQUENCE > 22:d=4 hl=2 l= 8 prim: OBJECT :Policy > Qualifier CPS > 32:d=4 hl=2 l= 84 prim: BMPSTRING > > The last line is the problem. The policy qualifier type is > id-qt-cps and by > RFC3280 et al the last field should be of type IA5String not > BMPString. > > Steve. > -- > Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage > OpenSSL project core developer and freelance consultant. > Funding needed! Details on homepage. > Homepage: http://www.drh-consultancy.demon.co.uk > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [email protected] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
