search

sergiosorias / jscep

Automatically exported from code.google.com/p/jscep
MIT License
0 stars 0 forks source link

How To set the SAN and "OtherName" attribute using BouncyCastle 1.47 #86

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
One of the key aspects in making NDES work with mobile devices is to set the 
OtherName attribute of the SAN (Subject Alternate Name). The 
"1.3.6.1.4.1.311.20.2.3" OID is the OID for UPN (User Principal Name).

org.bouncycastle.asn1.x509.ExtensionsGenerator extensionsGenerator = new 
org.bouncycastle.asn1.x509.ExtensionsGenerator();

ASN1EncodableVector vec = new ASN1EncodableVector(); 
ASN1EncodableVector v = new ASN1EncodableVector(); 
v.add(new DERObjectIdentifier("1.3.6.1.4.1.311.20.2.3")); 
v.add(new DERTaggedObject(true, 0, new DERUTF8String( "devuser@dvam.local") ) 
); 

ASN1Object gn = new DERTaggedObject(false, 0, new DERSequence(v) ); 
vec.add(gn);             

extensionsGenerator.addExtension( Extension.subjectAlternativeName, true, new 
DERSequence(vec) );
crb.addAttribute( PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, 
extensionsGenerator.generate() );

The above code works with version 1,47 of BouncyCastle.

Original issue reported on code.google.com by Danny.de...@gmail.com on 31 Oct 2012 at 11:17

GoogleCodeExporter commented 9 years ago

Original comment by da...@grant.org.uk on 31 Oct 2012 at 11:19

GoogleCodeExporter commented 9 years ago 
Refer to posting:

https://groups.google.com/forum/#!topic/jscep-support/3YWiVBGvjhk

Original comment by Danny.de...@gmail.com on 31 Oct 2012 at 11:25

GoogleCodeExporter commented 9 years ago

Original comment by da...@grant.org.uk on 1 Nov 2012 at 12:08