[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Emaill address in a certificate - NEW



Hello
First, I'm sorry the first mail was sent.
I'm trying to create a certificate using the SFL v1.5 in C++ application on
winNT os.
I created a DSA certificate using the 'auto_hi' tests project without an
eMail address in it, but I failed creating a certificate that has an eMail
address in it.
Using the CML v1.6 I viewed at a certificate issued by VeriSign and the
eMail address was part of the subject DN,
and there was no SubjectAltName extension.
When I tried to create a new DSA certificate with an eMail address in the
subject DN
'subject_dn=emailAddress=Alon@xxxxxxxxxx@C=US@O=US Government@OU=VDA
Site@OU=VDA@CN=Alon Barak DSA'
or
'subject_dn=E=Alon@xxxxxxxxxx@C=US@O=US Government@OU=VDA
Site@OU=VDA@CN=Alon Barak DSA'
but it failed since the SFL did not recognize the 'E' or 'emailaddress'
prefix.
so...
1. Who can I add the eMail address to the DN and to the extensions ?
2. What is the right way add the eMail address to a certificate that will be
recognize by the common mailers as a valid certificate,
   is the way that VeriSign does it in the DN, or in the extensions ?
3. Do you have a C/C++ api for creating a public/private key pair ?

Thank in addvance 
(and sorry about the first mail)
Alon Barak
Vanguard Security Technologies Ltd.
Tel: 972-4-9891311 (Ext. 221); 
Fax: 972-4-9891322
mailto:Alon@xxxxxxxxxx