From: Wouter <wou...@gm...> - 2009-05-06 05:54:40
|
Hi, My question is how to get a subjectaltname from an existing x509 object, using pyopenssl.. The issue I expect is that subjectaltname on this object is encoded as an othername type (oid 2.5.5.5) and I have no idea how I am expected to get is parsed correctly. Does this involve writing an extention? or are there already meganisms provided with pyopenssl to indicate the type of an subjectaltname? regards, Wouter Jean-Paul Calderone schreef: > On Tue, 5 May 2009 10:55:15 +0200, Wouter van Bommel <wou...@gm...> wrote: > >> Hi All, >> >> Currently I am working on a project in which I need to parse an >> subjectaltname part of a certificate. >> It is known that the type of the subjectaltname is of type otherName >> (2.5.5.5). >> >> Code to insert it in the certificate is probably simular to the examples >> used in the discussion on http://markmail.org/message/b7lmomgglut22sdl >> >> To solve this issue I am wondering which approach is the best. Adding an >> extension to extract subjectaltname and some kind of typeconversion (yet no >> idea how, but probably can implement something) or are there other >> possiblities / solutions already available. >> >> Currently I am able to generate the correct commandline option for openssl >> asn1parse to show me only the content of the subjectaltname part >> (reinterpret by the parser, hence human readable). >> > > I'm not really sure what you're asking. > > Are you looking for a pyOpenSSL for getting the subjectAltName from an > X509 object? > > Or are you trying to include a subjectAltName in a new certificate created > with pyOpenSSL? > > Jean-Paul > > > ------------------------------------------------------------------------------ > The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your > production scanning environment may not be a perfect world - but thanks to > Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 > Series Scanner you'll get full speed at 300 dpi even with all image > processing features enabled. http://p.sf.net/sfu/kodak-com > _______________________________________________ > pyopenssl-list mailing list > pyo...@li... > https://lists.sourceforge.net/lists/listinfo/pyopenssl-list > > |