[Pkg-openssl-devel] Bug#554157: openssl: openssl req fails to create certificate eith UTF8 emailAddress
Dikla Vilge
dvilge at finjan.com
Tue Nov 3 12:32:50 UTC 2009
Package: openssl
Version: 0.9.8k-5
Severity: normal
Trying to create a new X509 certificate with Latin-1 characters in the emailAddress attributes fails.
The configuration file used is:
[ req ]
default_bits = 1024
encrypt_key = no
distinguished_name = req_dn
prompt = no
req_extensions = v3_ca
utf8 = yes
string_mask = utf8only
[ req_dn ]
emailAddress = üöä@example.com
CN = example
[ v3_ca ]
basicConstraints = CA:true
The command line which reproduces the problem is:
req -new -config /tmp/config.txt -out /tmp/x509.txt -keyout /tmp/x509-key.txt -utf8 -days 1825
The error:
-----
problems making Certificate Request
29812:error:0D07A07C:asn1 encoding
routines:ASN1_mbstring_ncopy:illegal characters:a_mbstr.c:162:
-----
The same problem happens on bug http://bugs.debian.org/bug=260357, but for some reason it is not included in the latest openssl from debian.
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.28-16-generic (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages openssl depends on:
ii libc6 2.9-26 GNU C Library: Shared libraries
ii libssl0.9.8 0.9.8k-5 SSL shared libraries
ii zlib1g 1:1.2.3.3.dfsg-15 compression library - runtime
openssl recommends no packages.
Versions of packages openssl suggests:
ii ca-certificates 20090814 Common CA certificates
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/attachments/20091103/308f8fd6/attachment.htm>
More information about the Pkg-openssl-devel
mailing list