Bugzilla – Bug 3658
grid-cert-info should have option for RFC 2253 format DN
Last modified: 2008-11-17 16:34:52
You need to
before you can comment on or make changes to this bug.
OpenSSL can produce RFC 2253 formatted DNs, but grid-cert-info doesn't have an
option to do so. Since other PKI systems and standards specify RFC 2253 format,
this would be useful. For example, this is the DN format used in SAML.
I suggest we add a '--rfc2253' option to grid-cert-info (and grid-proxy-info) to
produce this behavior.
% openssl x509 -in ~/.globus/usercert.pem -subject -noout -nameopt RFC2253
subject= CN=Von S. Welch,O=National Center for Supercomputing Applications,C=US
(We should leave off the 'subject=' prefix.)
Does it matter that RFC 4514 obsoletes RFC 2253? I read Appendix B (Changes
Made since RFC 2253) from RFC 4514 but I don't have a sense if the changes are
I gave appendix B a read and I don't see anything that I think effects us.
Committed this to 4.2 branch and trunk.