|Applies To||RSA Certificate Manager 6.6 API|
Microsoft Windows Server 2003 SP1
|Issue||How to create FASC-N value in subjectAltName using RSA Certificate Manager API|
Does not encode FASC-N value with OID (2.16.840. 220.127.116.11.6) in SubjectAltName as an <OtherName> name containing the octet string
RSA Certificate Manager API must be able to encode the FASC-N value in the subjectAltName as an otherName value containing an Octet String; it currently only "knows" that an otherName should be an Octet String based on a hard-coded list of OIDs. At a bare minimum, the FASC-N OID must be added to this list. The result should be something like the following example:
Subject Alternative Name
2.16.818.104.22.168.6.6=04 19 d2 32 10 d8 21 0c 2c 1a 84 30 85 a1 68 58 30 08 42 10 86 08 82 32 10 c3 e1
Further details can be found in Appendix D of FIPS 201 located at http://csrc.nist.gov/publications/fips/fips201-1/FIPS-201-1-v5.pdf
|Resolution||- RSA Certificate Manager 6.6 build 304 does not encode the FASC-N value as an octet string.|
- RSA Certificate Manager 6.6 build 305 encodes the FASC-N value with OID (2.16.822.214.171.124.6.6) as an octet string.
Sample code has been provided with RSA Certificate Manager API 6.6 build 305 on how to add such an extension.
Contact RSA Security Customer Support to request RSA Certificate Manager API 6.6 build 305 and higher.
|Legacy Article ID||a31002|