One hypothetical sane use for a certificate policy extension in a CSR
would be if a CA issues certificates of different types and with
different policies (simple example: Regular SSL certs and EV certs).
Then putting the corresponding policy in the CSR indicates, protected
by the
a segmentation fault.
Is the syntax correct? Any clue what is wrong?
Thanks.
--
View this message in context:
http://openssl.6102.n7.nabble.com/adding-certificate-policies-extension-in-CSR-tp46467.html
Sent from the OpenSSL - User mailing list archive at Nabble.com
?
Thanks.
--
View this message in context:
http://openssl.6102.n7.nabble.com/adding-certificate-policies-extension-in-CSR-tp46467.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project
Oh I see. Can you point to a documentation where it is defined which
extensions a certificate requestor is allowed to add and which should be
added by the CA only?
Thanks.
--
View this message in context:
http://openssl.6102.n7.nabble.com/adding-certificate-policies-extension-in-CSR
see. Can you point to a documentation where it is defined which
extensions a certificate requestor is allowed to add and which should be
added by the CA only?
Thanks.
--
View this message in context:
http://openssl.6102.n7.nabble.com/adding-certificate-policies-extension-in-CSR-tp46467p46469
/demos/x509/openssl/demos/x509/mkreq.c)
Thanks
--
View this message in context:
http://openssl.6102.n7.nabble.com/adding-certificate-policies-extension-in-CSR-tp46467p46471.html
Sent from the OpenSSL - User mailing list archive at Nabble.com
);
(based on function mkreq() in file
openssl/demos/x509/openssl/demos/x509/mkreq.c)
Thanks
--
View this message in context:
http://openssl.6102.n7.nabble.com/adding-certificate-policies-extension-in-CSR-tp46467p46471.html
Sent from the OpenSSL - User mailing list archive