User Certificates: emailAddress type needs to be of type

User Certificates: emailAddress type needs to be of type

am 28.08.2002 10:28:57 von James Bromberger

Hey all,

I know this is mod-ssl-users and not openssl-users, but I thought I'd
ask here anyway. I have a user cert I am trying to sign with my private
CA, and I am getting a problem with:

Enter PEM pass phrase:
Check that the request matches the signature
Signature ok
The Subjects Distinguished Name is as follows
emailAddress :ASN.1 12:'
emailAddress type needs to be of type IA5STRING

The Subject of the CSR I am dealing with (altered to protect the
innocent):
Subject: Email=xxxxxxx@yyyyyyy.com, C=AU, O=ZZ, OU=ZZZZZZ,
CN=ZZZZZZ

This CSR was generated using keytool from the J2SDK1.4.1 RC1
distribution from java.sun.com. Now, a CSR I generated with OpenSSL
gives me a format of "Subject Name=Val/Name=Val/...", not "Subject:
Name=Val, Name=Val, ...".

Does any one know what the ASN.1 encoding thing is all about here in
the CSR, and how it can be corrected with OpenSSL (0.9.6g-engine) at
signing time, and if the change of formatting (slash separated from
comma separated) of the Subject in the CSR is important? I tired to
override the CSR's subject by setting the subject with the same values
using '/" as the OID separator, but that didn't help.

Regards,

James Bromberger

--
James Bromberger, Webmaster/Senior Systems Administrator
Client Technical Services, Hartleys Limited, www.hartleys.com.au
www.jdv.com
P: +61 8 9268 2909 M: +61 417 322 500
F: +61 8 9266 0200 E: james_bromberger@jdv.com

Hartleys Ltd ABN 67 009 136 029, its Directors and Associates declare
that they from time to time hold interests in/and or earn brokerage,
fees or other benefits mentioned in documents to clients.
Any securities recommendation contained in this document is unsolicited
general information only. Do not act on a recommendation without first
consulting your investment advisor to determine whether the
recommendation is appropriate for your investment objectives, financial
situation and particular needs.
Hartleys Limited believes that any information or advice (including any
securities recommendation) contained in this document is accurate when
issued. However, Hartleys Limited does not warrant its accuracy or
reliability. Hartleys Limited, its officers, agents and employees exclude
all liability whatsoever, in negligence or otherwise, for any loss or
damage relating to this document to the full extent permitted by law.
Hartleys Limited may collect information from you in order to provide
any services you have requested. A copy of Hartleys Limited's privacy
policy is available on www.hartleys.com.au.
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org