[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SSL subjectAltName woes
Jeff Saxton wrote:
Can you give an example?
I think you should take this to the OpenSSL-Users mailing list.
Here's a cert I put together a while ago for my test machine:
% openssl x509 -in mandolin.pem -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=California, L=Los Angeles, O=Symas Corp.,
CN=Symas Keymaster/Email=keymaster@symas.com
Validity
Not Before: Sep 18 12:32:39 2002 GMT
Not After : Sep 17 12:32:39 2007 GMT
Subject: C=US, ST=California, L=Los Angeles, O=Symas Corp.,
OU=Symas Internal, CN=mandolin.symas.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:af:31:3e:ca:1d:a3:e0:19:3c:f5:54:7c:61:20:
12:40:f1:6c:00:82:e9:34:59:99:30:a8:03:bc:25:
b6:e0:98:d8:c8:35:9e:28:1b:52:6f:60:8b:57:30:
50:e7:2f:3e:6d:21:6e:38:dd:a2:b6:9d:1d:d1:e0:
b2:02:1d:42:4b:cf:ef:79:46:64:1b:e7:49:d0:e1:
0c:d3:bb:4e:9d:33:3c:9d:c8:f2:0d:c4:cb:dc:4e:
e0:a6:f0:1f:7e:91:83:9b:5f:13:8c:b7:4c:60:f4:
10:23:03:ce:9d:b8:e9:90:a1:0a:2d:7e:20:bc:ec:
96:5a:bb:7b:89:17:25:6b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Cert Type:
SSL Server
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
E1:08:0C:36:27:56:8C:DB:EC:E0:5A:85:88:9C:0B:8E:83:C7:A0:F5
X509v3 Authority Key Identifier:
keyid:FD:9D:62:F3:8E:84:6A:B1:49:8C:72:37:A9:2C:EA:5C:57:79:F9:DF
DirName:/C=US/ST=California/L=Los Angeles/O=Symas
Corp./CN=Symas Keymaster/Email=keymaster@symas.com
serial:00
X509v3 Subject Alternative Name:
DNS:mandolin, DNS:localhost
--
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support