OID for Kerberos Principal Name
Bram Cymet
bcymet at cbnco.com
Thu Jul 29 11:22:20 EDT 2010
Hi,
I am attempting to get pkinit working. I am using my own custom CA to
generate the certs and I am having a little trouble generating a correct
Subject Alternative Name (SAN) in my certs.
I have been able to generate a cert with a Microsoft Universal Principal
Name OID: 1.3.6.1.4.1.311.20.2.3
However when I use this cert the kdc says 'unrecognized othername oid in
SAN'
Can anyone tell me what the correct OID that I should be using is so
that I don't get a 'client name mismatch' error?
This is for MIT kerberos.
Thanks,
Bram Cymet
More information about the Kerberos
mailing list