On Thu, Aug 02, 2007 at 09:48:39AM -0400, Eric Johnson wrote:
> Hi.
>
> I need to pull out the subject alternative name from the certificate and
> than grab the 'otherName' type. When I look at V3_alt.c in 9.7d I'm
> walking away with the impression that it isn't supported. Can somebody
> confirm if this is the case or not? And if so is there a version of
> OpenSSL where this is supported? Thanks.
You should be using 0.9.7l or 0.9.8e, there are known issues with prior
releases.
The subjectAltName components are processed via:
STACK_OF(GENERAL_NAME) *gens;
int i, r;
gens = X509_get_ext_d2i(cert, NID_subject_alt_name, 0, 0);
for (i = 0, r = sk_GENERAL_NAME_num(gens); i < r; ++i) {
const GENERAL_NAME *gn = sk_GENERAL_NAME_value(gens, i);
switch (gn->type) {
case GEN_OTHERNAME:
/* Do something with:
gn->d.othername->value;
gn->d.othername->type_id;
*/
case GEN_EMAIL:
...
case GEN_DNS:
...
case GEN_X400:
...
case GEN_DIRNAME:
...
case GEN_EDIPARTY:
...
case GEN_URI:
...
case GEN_IPADD:
...
case GEN_RID:
...
default:
...
}
}
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
