I am getting this error message when trying to create a user cert signed by self-signed CA:
The following error occured:
error:2207507C:X509 V3 routines:v2i_GENERAL_NAME_ex:missing value
I can't figure what that is and it is constantly repeating on each attempt I make to create a user cert....
Did you edit the extensions (subject alternative name, issuer alternative name, CRL distribution point etc.)
by hand or by the "edit" button ?
Try leaving them empty one by one and see if the error disappears.
This is for a User cert, btw.
Yes, you are correct; I did edit the subject alternative name and put User's email address there--so it shows up.
Also, under Key Usage, on the left side, I selected the box "critical" and under that section I highlighted: Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment.
Under Extended Key Usage, I selected the box "critical" and highlighted:
TLS Web Client Authentication, Code Signing, Email Protection, Time Stamping, Microsoft Server Gated Crypto, Microsoft Encrypted File System, Netscape Server Gated Crypto, Smartcard logon.
I have no real idea if doing all of that is necessary or not. Is it?
I hope I can resolve this quickly as I have a client waiting for his cert right now...! :)
> Yes, you are correct; I did edit the subject alternative name and put User's email address there--so it shows up.
The input field contains something like: "email:firstname.lastname@example.org" ? The "email:" is important !
I forgot to put the "email:"--that could have been the problem....
I'll try again putting "email:email@example.com".
That's why I added the "edit" button: To get that entries right and allow error checking before creating the certificate).
Just try it!
Yes, all is fine. You are good!
Actually, I never really "noticed" the Edit" buttons so never used them.
That is quite ingenious!
You can validate, etc.
Really excellent, I must say :)