On 04/13/2011 02:03 PM, Rick Tracy wrote:

New to DogTag here. We are currently evaluating the use of DogTag in a new project. One need that we have is to take two subjectAltName fields from the CSR and include them in the certificate. These are both currently otherName UTF8String types with private OID's. We have tried customizing the profiles in .../profiles/ca/*.cfg and have been able to get default subjectAltName fields included in the certificate, but we have been unsuccessful in copying them from the certificate request.

Ideally, the value of these fields would be displayed to the agent before approving the certificate if there is a way to do that too.

Is this possible with DogTag? If so can anyone point me to information on how to do this?

Yes:
http://docs.redhat.com/docs/en-US/Red_Hat_Certificate_System/8.0/html/Admin_Guide/Managing_Subject_Names_and_Subject_Alternative_Names.html
Can you share the part in your profile with the policyset.encryptionCertSet.*.default.params.subjAlt*
?

Thanks

Rick


_______________________________________________
Pki-users mailing list
Pki-users@redhat.com
https://www.redhat.com/mailman/listinfo/pki-users