[Pki-users] Copying subjectAltName from request to certificate
Marc Sauton
msauton at redhat.com
Thu Apr 28 19:47:29 UTC 2011
On 04/13/2011 02:03 PM, Rick Tracy wrote:
> New to DogTag here. We are currently evaluating the use of DogTag in a
> new project. One need that we have is to take two subjectAltName
> fields from the CSR and include them in the certificate. These are
> both currently otherName UTF8String types with private OID's. We have
> tried customizing the profiles in .../profiles/ca/*.cfg and have been
> able to get default subjectAltName fields included in the certificate,
> but we have been unsuccessful in copying them from the certificate
> request.
>
> Ideally, the value of these fields would be displayed to the agent
> before approving the certificate if there is a way to do that too.
>
> Is this possible with DogTag? If so can anyone point me to
> information on how to do this?
>
Yes:
http://docs.redhat.com/docs/en-US/Red_Hat_Certificate_System/8.0/html/Admin_Guide/Managing_Subject_Names_and_Subject_Alternative_Names.html
Can you share the part in your profile with the
policyset.encryptionCertSet.*.default.params.subjAlt*
?
> Thanks
> Rick
>
>
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20110428/82bc6f42/attachment.htm>
More information about the Pki-users
mailing list