Are you saying you have a Microsoft Windows 2003 Server system that has already created a certificate request (PKCS-10 formatted data file) with multiple subjectaltname's, and you would like an OpenSSL-based CA to sign it and grant it "server authentication" and "client authentication" key usage?
You wouldn't happen to have a reference as to how you cooked this certificate request, do you? w.r.t. server-auth and client-auth, it's something the CA grants, I believe. I think that if you look around for list posts discussing manipulating the inside of openssl.cnf to provide such a thing that may help. I believe that goes in the "ca policy" section. I don't recall pkcs-10 being capable of supporting a certificate request that's got subjectaltnames - that'd be interesting to share if you know how to do that... Phil wrote: > Hi there, > > Up to now I have ever only done certs for web servers which are quite > straight forward. > > I now have the requirement to fulfill requests with the following: > > multiple subject alternative names > server authentication > client authentication > > If anyone can pass on info or point me in the right direction of other > posts, that would be great. I need to know how to take a request from > a windows server and sign in correctly with all these options. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
