Bug 3658 - grid-cert-info should have option for RFC 2253 format DN
: grid-cert-info should have option for RFC 2253 format DN
Credentials and Proxies
: 1.1.3
: All All
: P3 enhancement
: 4.2.2
Assigned To:
: C/Java
  Show dependency treegraph
Reported: 2005-08-16 12:43 by
Modified: 2008-11-17 16:34 (History)



You need to log in before you can comment on or make changes to this bug.

Description From 2005-08-16 12:43:51
OpenSSL can produce RFC 2253 formatted DNs, but grid-cert-info doesn't have an
option to do so. Since other PKI systems and standards specify RFC 2253 format,
this would be useful. For example, this is the DN format used in SAML.

I suggest we add a '--rfc2253' option to grid-cert-info (and grid-proxy-info) to
produce this behavior.

% openssl x509 -in ~/.globus/usercert.pem -subject -noout -nameopt RFC2253
subject= CN=Von S. Welch,O=National Center for Supercomputing Applications,C=US

(We should leave off the 'subject=' prefix.)
------- Comment #1 From 2008-08-12 14:26:24 -------
Does it matter that RFC 4514 obsoletes RFC 2253?  I read Appendix B (Changes
Made since RFC 2253) from RFC 4514 but I don't have a sense if the changes are
------- Comment #2 From 2008-08-14 09:04:09 -------
I gave appendix B a read and I don't see anything that I think effects us.
------- Comment #3 From 2008-11-17 16:34:52 -------
Committed this to 4.2 branch and trunk.