httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 47387] SSL_CLIENT_I_DN and SSL_CLIENT_S_DN use Email instead of emailAddress
Date Thu, 10 Sep 2009 09:23:53 GMT

--- Comment #2 from Sven Anders <> 2009-09-10 02:23:49 PDT ---
Hi Joe,
there is a module called mod_authz_ldap. As it is not developed anymore, my
company is planning to do a fork this product 
to make it usable to apache 2.2. (URL of the old project page is: )

The module is using the following  openssl funtions for getting the stings for
the issuer and the subject:
* X509_get_issuer_name(x)
* X509_get_subject_name(x)

This functions are implemented to conform to RFC 2985.

mod_ssl is using openssl, but does some things different from every other
standard I know.

If I look to the pem file of a certificate I find:

  Signature Algorithm: md5WithRSAEncryption
        Issuer: C=DE, ST=Germany, L=Hamburg, O=digitec GmbH, O=digitec,
OU=Secure Enterprise Service, CN=Digitec Root CA (2048
        Subject: C=DE, ST=Germany, L=Hamburg, O=digitec GmbH, O=digitec,
OU=Secure Enterprise Services, CN=Sven Anders
GmbH/O=digitec/OU=Secure Enterprise Service/CN=Digitec Root CA (2048

Everywhere emailaddress= (not Email=) is used.

Can you give me an example of standards where EMail= is used?

Best Regards

Sven Anders

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message