diff options
author | Eric Curtin <ericcurtin17@gmail.com> | 2018-09-03 17:23:37 +0300 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2018-09-04 22:42:17 +0300 |
commit | 2167640b0bf76ec50a397dd90444b97c242e3f04 (patch) | |
tree | 17023fc9e00bf6bb94ed182a35f1d959680c7711 /apps | |
parent | 64ed55ab033f1bfa795d46f0ecc61c313204b418 (diff) |
New openssl subject parser hard to debug
-subj 'subject=C = US, ST = A, L = root, O = Hewlett Packard Enterprise Company, OU = Remote Device Access, CN = Hewlett Packard Enterprise Remote Device Access Test Local CA, emailAddress = rda@hpe.com'
was a valid subject in openssl 1.0. Error received in 1.1 is:
problems making Certificate Request
Not very informative, I only figured this out because I compiled the
code and added logging.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7098)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/apps.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/apps/apps.c b/apps/apps.c index 4090e605e5..9be656054a 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -1768,8 +1768,14 @@ X509_NAME *parse_name(const char *cp, long chtype, int canmulti) char *work; X509_NAME *n; - if (*cp++ != '/') + if (*cp++ != '/') { + BIO_printf(bio_err, + "name is expected to be in the format " + "/type0=value0/type1=value1/type2=... where characters may " + "be escaped by \\. This name is not in that format: '%s'\n", + --cp); return NULL; + } n = X509_NAME_new(); if (n == NULL) |