[32538] in Kerberos
Re: OID for Kerberos Principal Name
daemon@ATHENA.MIT.EDU (Kevin Coffman)
Thu Jul 29 11:47:28 2010
MIME-Version: 1.0
In-Reply-To: <13480433.51901280416940881.OPEN-XCHANGE.WebMail.tomcat@inside.cbn>
Date: Thu, 29 Jul 2010 11:47:23 -0400
Message-ID: <AANLkTinpX6Bnv=Vqo2kMq47rCwmHqo_zUvh+Zz97mLgB@mail.gmail.com>
From: Kevin Coffman <kwc@umich.edu>
To: Bram Cymet <bcymet@cbnco.com>
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="iso-8859-1"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Does this help?
http://mailman.mit.edu/pipermail/krbdev/2006-November/005180.html
K.C.
On Thu, Jul 29, 2010 at 11:22 AM, Bram Cymet <bcymet@cbnco.com> wrote:
> Hi,
>
> I am attempting to get pkinit working. I am using my own custom CA to
> generate the certs and I am having a little trouble generating a correct
> Subject Alternative Name (SAN) in my certs.
>
> I have been able to generate a cert with a Microsoft Universal Principal
> Name OID: 1.3.6.1.4.1.311.20.2.3
>
> However when I use this cert the kdc says 'unrecognized othername oid in
> SAN'
>
> Can anyone tell me what the correct OID that I should be using is so
> that I don't get a 'client name mismatch' error?
>
> This is for MIT kerberos.
>
> Thanks,
>
> Bram Cymet
>
>
>
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
