bump. Anyone? Does anyone know how to encode a distinguished name
attribute as something other than a DirectoryString? Is it even possible
with the command-line tools?
-Sean
On 11/15/2010 11:13 AM, Sean Leonard wrote:
Hello,
I would like to get OpenSSL 1.0.0 to encode distinguished name
attributes as things other than DirectoryString, using openssl req at
the command line. The specific use cases are:
x500UniqueIdentifier --> BIT STRING
postalAddress --> PostalAddress ::= SEQUENCE OF DirectoryString
registeredAddress --> PostalAddress ::= SEQUENCE OF DirectoryString
I think a couple of people asked about these types several years ago
on the dev list.
It looks like it is possible to encode the BIT STRING with the raw
APIs (at least in increments of 8 bits), but I don't see if there's a
way to do it from the command line/config file, and I also don't see
how to do the postal addresses. It is fine if there is some syntax for
the distinguished_name section to provide the raw octets.
Thanks!
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
