You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2009/09/10 11:23:53 UTC
DO NOT REPLY [Bug 47387] SSL_CLIENT_I_DN and SSL_CLIENT_S_DN use
Email instead of emailAddress
https://issues.apache.org/bugzilla/show_bug.cgi?id=47387
--- Comment #2 from Sven Anders <s....@digitec.de> 2009-09-10 02:23:49 PDT ---
Hi Joe,
there is a module called mod_authz_ldap. As it is not developed anymore, my
company is planning to do a fork this product
to make it usable to apache 2.2. (URL of the old project page is:
http://authzldap.othello.ch/ )
The module is using the following openssl funtions for getting the stings for
the issuer and the subject:
* X509_get_issuer_name(x)
* X509_get_subject_name(x)
This functions are implemented to conform to RFC 2985.
mod_ssl is using openssl, but does some things different from every other
standard I know.
If I look to the pem file of a certificate I find:
Signature Algorithm: md5WithRSAEncryption
Issuer: C=DE, ST=Germany, L=Hamburg, O=digitec GmbH, O=digitec,
OU=Secure Enterprise Service, CN=Digitec Root CA (2048
bit)/emailAddress=ca@digitec.de
..
Subject: C=DE, ST=Germany, L=Hamburg, O=digitec GmbH, O=digitec,
OU=Secure Enterprise Services, CN=Sven Anders
[san]/emailAddress=s.anders@digitec.de
DirName:/C=DE/ST=Germany/L=Hamburg/O=digitec
GmbH/O=digitec/OU=Secure Enterprise Service/CN=Digitec Root CA (2048
bit)/emailAddress=ca@digitec.de
Everywhere emailaddress= (not Email=) is used.
Can you give me an example of standards where EMail= is used?
Best Regards
Sven Anders
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org