Stack Overflow
Stack Overflow

Questions tagged [subject-alternative-name]

35 questions
6
votes
2 answers

NiFi bypass host name verification in SSL context service

I am trying to connect to a REST endpoint via the GetHTTP Processor in NiFi 1.5.0. The problem that I am faceing is, that the SSL certificate is issued to the domain but I only have direct access to the IP:Port address (company firewall). With that…
Letimogo
  • 542
  • 3
  • 13
5
votes
1 answer

How to add SAN extension in certificate using Go

I need to specify the registeredID in certificate. So I add this in config file, when sign certificate using OpenSSL. [ alternate_names ] DNS.1 = localhost RID.1 = 1.2.3.4.5.5 Here, 1.2.3.4.5.5 is OID. I followed How to format an OID Subject Alt…
Shahriar
  • 13,460
  • 8
  • 78
  • 95
5
votes
2 answers

Getting Subject Alternate Names with Pkcs10CertificationRequest

I'm currently able to decode a CSR's values except for Requested Extensions, specifically X509v3 Subject Alternative Name. Here's the relevant part of my `DecodeCSR(string csr): public void DecodeCsr(string csrStr){ //getting just csr var csrChars…
Austin Mauldin
  • 315
  • 1
  • 6
  • 17
4
votes
1 answer

Can somebody help me to implement extension Subject Alternative Names using BouncyCastle?

I have some string, that is separated with comma. I have to add all extension that match any of GeneralName for Subject Alternative Names extension. Can somebody finish for loop for me? @Override public boolean saveKeypair(String arg0) { …
Isidora Bojovic
  • 101
  • 2
  • 5
3
votes
1 answer

CA signed X509 cert contains X509v3 extension "Subject Alternative Name" twice

If I use OpenSSL to create an X509 certificate that gets signed with a CA certificate and includes an X509v3 SAN (Subject Alternative Name) extension, the generated certificate contains the SAN extension twice, whereas if the certificate is…
Andreas Klöber
  • 5,855
  • 2
  • 27
  • 20
2
votes
0 answers

How to add SerialNumber as Subject alternative Name in Bouncy Castle

I am trying to add SerialNumber and UID as SAN but don't know how to add it, I am trying this code but it gives me error: GeneralName name1 = new GeneralName(GeneralName.DnsName, "bc1.local"); GeneralName name2 = new…
MK Said
  • 165
  • 8
2
votes
0 answers

Retrieve RegisteredID from subjectAltName

I've a certificate (using openssl app) with SubjectAltName set as : I want to read to field RegisteredID (for example) for that I've constructed the following code: GENERAL_NAME* getX508SubjectAltNameInfo(X509* pCertificate) { int i; int…
LordTitiKaka
  • 2,087
  • 2
  • 31
  • 51
1
vote
1 answer

Dynamic SAN or Bypassing SAN Check for a server certificate

I'm working on a project where I have to use self-signed SSL certificates with SAN defined. Using common name only does not work, because the client requires SAN too, else it throws an error. However the IPs are not fixed or predefined for…
Shivank Gautam
  • 11
  • 1
1
vote
0 answers

Subject Alternative Names output not correct in Bouncy castle

I want to add a SAN in bouncy castle and I am using this code: var alt_names = new Dictionary { {X509Name.SerialNumber, "334623324234325"}, {X509Name.UID, "310122393500003"}, …
MK Said
  • 165
  • 8
1
vote
0 answers

Get x509 certificate by subject alternate name - c++

I'm trying to retrieve certificates from the local store by subject alternate name. Currently, the only option I see if to retrieve it by subject name. This is my code: PCCERT_CONTEXT GetCertFromSubject(const std::wstring& subjectName) { …
certnoob
  • 11
  • 2
1
vote
1 answer

Php get subjectAltName from csr

Good evening my friend I generated san csr via openssl function using php. But i cant get subjectAltName. Please How can i extract subjetAltName from csr? shell_exec('openssl req -noout -text -in'. $csr)
Enge
  • 11
  • 1
0
votes
0 answers

How to copy Common name to subject alternative name using openssl.cnf or through openssl cmd

Facing an issue in copying common name passed by users to subject alternative name . Copying common name with static value is working fine . Need to copy common name with value as supplied. I tried ${policy_anything::commonName} Where san result as…
Logu Loganathan
  • 1
0
votes
0 answers

OpenSSL x509 certificates and wildcard hostname checking

Currently working on adding hostname checking support to all SSL connections to a server application that uses OpenSSL 1.1.1K. The server should accept subdomains, i.e., maps.example.com, mail.example.com, etc with one reference identifier option to…
Vikyboss
  • 940
  • 2
  • 11
  • 23
0
votes
0 answers

Java SSL - IP host validation with no SAN in certificate

I am trying to call an endpoint with https that is something like : POST https://193.321.1.321/customers but I get the error: java.security.cert.CertificateException: No subject alternative names present Indeed, there is no SAN in my certificate. I…
ROBLCSnail
  • 13
  • 5
0
votes
0 answers

Difference between Wildcard certificate with Subject Alternative Name and without Subject Alternative Name

What is the difference between Wildcard certificate with Subject Alternative Name and without Subject Alternative Name. Is there any security implications in regards to Wildcard certificate with subject-alternate-name?
Sandeep Dommari
  • 1
  • 1
1
2 3