[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How read Subject Alternative Name

7 dec 2006 kl. 15.38 skrev Alberto Fondi:

> Hi group,
>    i have another question, how can i read the Subject Alternative  
> Name, because openssl can't do it ? Infact it gives me this message:
> X509v3 Subject Alternative Name:                 
> othername:<unsupported>

If you want until tomorrows dated snapshot or use cvs, just commited  
the code,
you can use hxtool to print the OtherName. Its not pretty, but will tell
you want you need.

$ hxtool print --content FILE:pkinit.crt
cert: 0
     private key: no
     issuer:  "C=SE,CN=hx509 Test Root CA"
     subject: "CN=pkinit,C=SE"
     keyusage: keyEncipherment, nonRepudiation, digitalSignature
subject name: CN=pkinit,C=SE
issuer name: C=SE,CN=hx509 Test Root CA
         notBefore 2006-11-23 37:37:08
         notAfter  2016-11-20 37:37:08
checking extention: basicConstraints
         Critical not set on MUST
         is NOT a CA
checking extention: keyUsage
         Critical not set on SHOULD
checking extention: subjectKeyIdentifier
checking extention: subjectAltName
subjectAltName otherName pk-init: bar@TEST.H5L.SE