[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How read Subject Alternative Name
Love Hörnquist Åstrand ha scritto:
> 7 dec 2006 kl. 15.38 skrev Alberto Fondi:
>
>> Hi group,
>>
>> i have another question, how can i read the Subject Alternative
>> Name, because openssl can't do it ? Infact it gives me this message:
>>
>> X509v3 Subject Alternative Name: othername:<unsupported>
>
> If you want until tomorrows dated snapshot or use cvs, just commited
> the code,
> you can use hxtool to print the OtherName. Its not pretty, but will tell
> you want you need.
>
> $ hxtool print --content FILE:pkinit.crt
> cert: 0
> private key: no
> issuer: "C=SE,CN=hx509 Test Root CA"
> subject: "CN=pkinit,C=SE"
> keyusage: keyEncipherment, nonRepudiation, digitalSignature
> subject name: CN=pkinit,C=SE
> issuer name: C=SE,CN=hx509 Test Root CA
> Validity:
> notBefore 2006-11-23 37:37:08
> notAfter 2016-11-20 37:37:08
> checking extention: basicConstraints
> Critical not set on MUST
> is NOT a CA
> checking extention: keyUsage
> Critical not set on SHOULD
> checking extention: subjectKeyIdentifier
> checking extention: subjectAltName
> subjectAltName otherName pk-init: bar@TEST.H5L.SE
>
>
>
> Love
>
>
Sorry i did what you you say but i obtain:
/home/alberto/heimdal-0.8-rc2/lib/hx509/hxtool print --content
FILE:/home/alberto/heimdal-0.8-rc2/lib/hx509/data/pkinit.crt
cert: 0
private key: no
issuer: "C=SE,CN=hx509 Test Root CA"
subject: "CN=pkinit,C=SE"
keyusage: keyEncipherment, nonRepudiation, digitalSignature
subject name: CN=pkinit,C=SE
issuer name: C=SE,CN=hx509 Test Root CA
Validity:
notBefore 2006-11-23 37:37:08
notAfter 2016-11-20 37:37:08
checking extention: basicConstraints
Critical not set on MUST
is NOT a CA
checking extention: keyUsage
Critical not set on SHOULD
checking extention: subjectKeyIdentifier
checking extention: subjectAltName
other name oid: 1.3.6.1.5.2.2
what can i do?