[Pkg-openssl-devel] Bug#422882: openssl: mistake in note on
x509v3_config manual page
Javier Barroso
javier.barroso at isotrol.com
Tue May 8 16:03:51 UTC 2007
Package: openssl
Version: 0.9.8e-4
Severity: normal
Tags: patch
at NOTE section on x509v3_config manual page says:
If an extension is multi-value and a field value must contain a comma the long form must be used otherwise the
comma would be misinterpreted as a field separator. For example:
subjectAltName=URI:ldap://somehost.com/CN=foo,OU=bar
will produce an error but the equivalent form:
subjectAltName=@subject_alt_section
[subject_alt_section]
subjectAltName=URI:ldap://somehost.com/CN=foo,OU=bar
is valid.
I had to change my openssl.cnf file to samething as:
[v3_req]
...
crlDistributionPoints = @crl_section
[crl_section]
URI=ldap://xxx.com/cn=XXX,ou=XXX,o=XXX,c=XXX
Original note doesn't work for me.
Regards
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.18-4-xen-686 (SMP w/2 CPU cores)
Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages openssl depends on:
ii libc6 2.5-7 GNU C Library: Shared libraries
ii libssl0.9.8 0.9.8e-4 SSL shared libraries
ii zlib1g 1:1.2.3-13 compression library - runtime
openssl recommends no packages.
-- debconf-show failed
More information about the Pkg-openssl-devel
mailing list