[pyOpenSSL] Parsing subjectaltname

Wouter woutervanbommel at gmail.com
Wed May 6 07:54:30 CEST 2009 

Hi,

My question is how to get a subjectaltname from an existing x509 object, 
using pyopenssl..
The issue I expect is that subjectaltname on this object is encoded as 
an othername type (oid 2.5.5.5) and I have no idea how I am expected to 
get is parsed correctly.
Does this involve writing an extention? or are there already meganisms 
provided with pyopenssl to indicate the type of an subjectaltname?

regards,
Wouter


Jean-Paul Calderone schreef:
> On Tue, 5 May 2009 10:55:15 +0200, Wouter van Bommel <woutervanbommel at gmail.com> wrote:
>   
>> Hi All,
>>
>> Currently I am working on a project in which I need to parse an
>> subjectaltname part of a certificate.
>> It is known that the type of the subjectaltname is of type otherName
>> (2.5.5.5).
>>
>> Code to insert it in the certificate is probably simular to the examples
>> used in the discussion on http://markmail.org/message/b7lmomgglut22sdl
>>
>> To solve this issue I am wondering which approach is the best. Adding an
>> extension to extract subjectaltname and some kind of typeconversion (yet no
>> idea how, but probably can implement something)  or are there other
>> possiblities / solutions already available.
>>
>> Currently I am able to generate the correct commandline option for openssl
>> asn1parse to show me only the content of the subjectaltname part
>> (reinterpret by the parser, hence human readable).
>>     
>
> I'm not really sure what you're asking.
>
> Are you looking for a pyOpenSSL for getting the subjectAltName from an
> X509 object?
>
> Or are you trying to include a subjectAltName in a new certificate created
> with pyOpenSSL?
>
> Jean-Paul
>
>
> ------------------------------------------------------------------------------
> The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your
> production scanning environment may not be a perfect world - but thanks to
> Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700
> Series Scanner you'll get full speed at 300 dpi even with all image 
> processing features enabled. http://p.sf.net/sfu/kodak-com
> _______________________________________________
> pyopenssl-list mailing list
> pyopenssl-list at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/pyopenssl-list
>
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/pyopenssl-users/attachments/20090506/61fe5d9b/attachment.html>

More information about the pyopenssl-users mailing list