Bug#422882: [Pkg-openssl-devel] Bug#422882: openssl: mistake in note
on x509v3_config manual page
Kurt Roeckx
kurt at roeckx.be
Tue May 8 16:32:16 UTC 2007
On Tue, May 08, 2007 at 06:03:51PM +0200, Javier Barroso wrote:
> Package: openssl
> Version: 0.9.8e-4
> Severity: normal
> Tags: patch
I see no patch?
> at NOTE section on x509v3_config manual page says:
> If an extension is multi-value and a field value must contain a comma the long form must be used otherwise the
> comma would be misinterpreted as a field separator. For example:
>
> subjectAltName=URI:ldap://somehost.com/CN=foo,OU=bar
>
> will produce an error but the equivalent form:
>
> subjectAltName=@subject_alt_section
>
> [subject_alt_section]
> subjectAltName=URI:ldap://somehost.com/CN=foo,OU=bar
>
> is valid.
>
> I had to change my openssl.cnf file to samething as:
> [v3_req]
> ...
> crlDistributionPoints = @crl_section
> [crl_section]
> URI=ldap://xxx.com/cn=XXX,ou=XXX,o=XXX,c=XXX
>
> Original note doesn't work for me.
And I have no idea what you think is wrong ...
Kurt
More information about the Pkg-openssl-devel
mailing list