[32537] in Kerberos
OID for Kerberos Principal Name
daemon@ATHENA.MIT.EDU (Bram Cymet)
Thu Jul 29 11:22:27 2010
Message-ID: <13480433.51901280416940881.OPEN-XCHANGE.WebMail.tomcat@inside.cbn>
Date: Thu, 29 Jul 2010 11:22:20 -0400 (EDT)
From: Bram Cymet <bcymet@cbnco.com>
To: kerberos@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hi,
I am attempting to get pkinit working. I am using my own custom CA togenerate the certs and I am having a little trouble generating a correctSubject Alternative Name (SAN) in my certs.
I have been able to generate a cert with a Microsoft Universal PrincipalName OID: 1.3.6.1.4.1.311.20.2.3
However when I use this cert the kdc says 'unrecognized othername oid inSAN'
Can anyone tell me what the correct OID that I should be using is sothat I don't get a 'client name mismatch' error?
This is for MIT kerberos.
Thanks,
Bram Cymet
________________________________________________Kerberos mailing list Kerberos@mit.eduhttps://mailman.mit.edu/mailman/listinfo/kerberos
