Hi there,
I would like to have certificates with email addresses as Subject
Alternative Names.
With IP addresses and DNS names, this is working fine. I can add them to
the certificate template and they are displayed correctly as DNS: ... and
IP: ..., but with the SAN type "email", this is not working.
Is this a known issue?
Here's the part of the policy file where I put the san part:
style:
00_user_basic_style:
label: I18N_OPENXPKI_UI_PROFILE_BASIC_STYLE_LABEL
description: I18N_OPENXPKI_UI_PROFILE_BASIC_STYLE_DESC
ui:
subject:
- realname
- email
san:
- san_email
info:
- comment
subject:
dn: CN=[% realname %],DC=xxxx,DC=yyyy,DC=zz
san:
email:
- "[% email.lower %]"
- "[% FOREACH entry = san_email %][% entry.lower %] | [%
END %]"
metadata:
requestor: "[% realname %]"
email: "[% email %]"
I also have a template for san_email:
id: san_email
label: I18N_OPENXPKI_UI_PROFILE_SAN_EMAILADDRESS
description: I18N_OPENXPKI_UI_PROFILE_SAN_EMAILADDRESS_DESC
type: freetext
match: \A .+@.+ \z
width: 30
placeholder: [email protected]
min: 0
max: 20
Is this configuration correct?
Is this configuration enough?
Should email addresses as SANs work with OpenXPKI?
Best regards,
Thomas
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
