Novell Documentation: Novell Certificate Server Libraries for C

5.3 Subject Alternative Names Extension

The X.509 subject alternative name extension is used to specify additional identities to be bound to the subject of the certificate (that is, other names that identify the object). See Section 4.3, General Name Type Extensions. The subject alternative name extension uses a specific extension structure (NPKI_ExtAltNames or NPKI_AltName) described below:

    typedef struct      NPKI_ExtAltNames
    {
         nuint32             flags;
         nuint16             numberOfNames;
         NPKI_AltNames     *altName;    // Array of structures
    }NPKI_ExtAltNames;

flags: Specifies how the extension is encoded in the certificate. flags is composed of both general purpose flags combined with any subject alternative names extension specific flags. For a description of the general purpose flags, see the General Purpose Extension Flags.

NOTE:There are no subject alternative name extension specific flags defined in this release.

numberOfNames: Specifies the number of elements in the array altName.

altName: Points to an array of NPKI-AltName structures; each element in the array contains one alternative name. The NPKI-AltName structures are described below.

    typedef struct      NPKI_AltName
    {
         nuint16             type;
         nuint16             length;
         nuint8              *value;    }NPKI_AltName;

type: Specifies how the subject alternative name is encoded in the certificate. For a description of the types, see the Section 4.3, General Name Type Extensions.

length: Specifies the length (in bytes) of the value field (that is, the alternative names).

value: Points to the byte array that contains the alternative name.