[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How read Subject Alternative Name

To: Alberto Fondi <alberto.fondi@lnf.infn.it>
Subject: Re: How read Subject Alternative Name
From: Love Hörnquist Åstrand <lha@kth.se>
Date: Thu, 7 Dec 2006 17:18:18 +0100
Cc: heimdal-discuss@sics.se
In-Reply-To: <45782762.1060501@lnf.infn.it>
References: <45782762.1060501@lnf.infn.it>
Sender: owner-heimdal-discuss@sics.se

7 dec 2006 kl. 15.38 skrev Alberto Fondi:

> Hi group,
>
>    i have another question, how can i read the Subject Alternative  
> Name, because openssl can't do it ? Infact it gives me this message:
>
> X509v3 Subject Alternative Name:                 
> othername:<unsupported>

If you want until tomorrows dated snapshot or use cvs, just commited  
the code,
you can use hxtool to print the OtherName. Its not pretty, but will tell
you want you need.

$ hxtool print --content FILE:pkinit.crt
cert: 0
     private key: no
     issuer:  "C=SE,CN=hx509 Test Root CA"
     subject: "CN=pkinit,C=SE"
     keyusage: keyEncipherment, nonRepudiation, digitalSignature
subject name: CN=pkinit,C=SE
issuer name: C=SE,CN=hx509 Test Root CA
Validity:
         notBefore 2006-11-23 37:37:08
         notAfter  2016-11-20 37:37:08
checking extention: basicConstraints
         Critical not set on MUST
         is NOT a CA
checking extention: keyUsage
         Critical not set on SHOULD
checking extention: subjectKeyIdentifier
checking extention: subjectAltName
subjectAltName otherName pk-init: bar@TEST.H5L.SE



Love

Follow-Ups:
- Re: How read Subject Alternative Name
  - From: Alberto Fondi <alberto.fondi@lnf.infn.it>

References:
- How read Subject Alternative Name
  - From: Alberto Fondi <alberto.fondi@lnf.infn.it>

Prev by Date: How read Subject Alternative Name
Next by Date: No Subject
Prev by thread: How read Subject Alternative Name
Next by thread: Re: How read Subject Alternative Name
Index(es):
- Date
- Thread