System information
This creates a base-64 encoded blob of the joined extensions, similar to this example:
MEwwLgYDVR0lAQHBCQwIgYFKoNFBAMGClGC5EKDM5PeXzUGBi2CVyLNCQYFU
iBakowGgYDVR0SBBMwEaQPMA0xCzAJBgNVBAYTAlVT
3. Copy the encoded blob, without any modifications, to a file.
4. Verify that the extensions are joined correctly before adding them to a certificate request by
converting the binary data to ASCII using the AtoB utility and then dumping the contents of
the base-64 encoded blob using the dumpasn1 utility. For information on the AtoB utility, see
Chapter 7, ASCII to Binary. The dumpasn1 tool can be downloaded at
http://fedoraproject.org/extras/4/i386/repodata/repoview/dumpasn1-0-20050404-1.fc4.html.
a. Run the AtoB utility to convert the ASCII to binary.
AtoBinput_file output_file
where input_file is the path and file containing the base-64 encoded data in ASCII and
output_file is the path and file for the utility to write the binary output.
b. Run the dumpasn1 utility.
dumpasn1output_file
where output_file is the path and file containing the binary data. The output looks similar to
this:
0 30 76: SEQUENCE {
2 30 46: SEQUENCE {
4 06 3: OBJECT IDENTIFIER extKeyUsage (2 5 29 37)
9 01 1: BOOLEAN TRUE
12 04 36: OCTET STRING
: 30 22 06 05 2A 83 45 04 03 06 0A 51 82 E4 42 83
: 33 93 DE 5F 35 06 06 2D 82 57 22 CD 09 06 05 51
: 38 81 6A 4A
: }
50 30 26: SEQUENCE {
52 06 3: OBJECT IDENTIFIER issuerAltName (2 5 29 18)
57 04 19: OCTET STRING
: 30 11 A4 0F 30 0D 31 0B 30 09 06 03 55 04 06 13
: 02 55 53
: }
: }
Chapter 17. Extension Joiner
68