Re: [Ejbca-develop] Subject Alternative Name extension using the otherName type

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On 2013-01-05 00:20, Herman wrote:
> Hi Guys,
> 
> I need to enable the Subject Alternative Name extension using the otherName type. I have type_id and value embedded in an PEM encoded object. 
> 
> Edit Certificate Profile interface allows to define Subject Alternative Name extension using the otherName type, however, Edit End Entity Profile interface although allows defining Subject Alternative Name, it doesn't allow to specify the otherName type. 
> 
> How can I enable SAN extension with otherName type in End Entity Profile and assign the PEM encoded value to it?

Since the othername form doen't have any specified syntax, EJBCA doesn't support
this out-of-the-box.  However, it is possible to add such extensions through the
custom extension scheme.  Here is an example:

id4.oid=2.5.29.17
id4.classpath=org.cesecore.certificates.certificate.certextensions.BasicCertificateExtension
id4.displayname=Subject Alt Name (Other Name)
id4.used=true
id4.translatable=false
id4.critical=false
id4.property.dynamic=false
id4.property.encoding=RAW
#   0: SEQUENCE
#        {
#   2:     [0]
#            {
#   4:         OBJECT IDENTIFIER (1.3.169)
#   9:         [0]
#                {
#  11:             PrintableString 'CH-400.3.925.112-4'
#                }
#            }
#        }
id4.property.value=301DA01B06032B8129A014131243482D3430302E332E3932352E3131322D34
#

However, there is a "snag" that you should be aware of...

The current EJBCA version does AFAIK not allow mixing of regular SAN (Subject Alt Name)
extensions and custom SAN extensions.

I would personally recommend NOT using otherName extensions.

Cheers
Anders
Tech support

> 
> --
> Enviado desde mi iPhone, disculpe errores tipográficos y brevedad.
> ------------------------------------------------------------------------------
> Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and
> much more. Get web development skills now with LearnDevNow -
> 350+ hours of step-by-step video tutorials by Microsoft MVPs and experts.
> SALE $99.99 this month only -- learn more at:
> http://p.sf.net/sfu/learnmore_122812
> _______________________________________________
> Ejbca-develop mailing list
> Ejb...@li...
> https://lists.sourceforge.net/lists/listinfo/ejbca-develop
> 