Set the string-mask to utf8only If subject had utf-8 characters in them, the encoding chosen by OpenSSL for defaults T61. From the OpenSSL source code: * utf8only : only use UTF8Strings (RFC2459 recommendation for 2004). That was 10 years ago, and the last remnant that had problems with it was Netscape, which is no longer a problem. A request changes from: 13:d=5 hl=2 l= 3 prim: OBJECT :commonName 18:d=5 hl=2 l= 9 prim: T61STRING :Gurka �� To: 13:d=5 hl=2 l= 3 prim: OBJECT :commonName 18:d=5 hl=2 l= 12 prim: UTF8STRING :Gurka åäö OpenSSL/test/test_crypto.py Update test DER data to have utf8string. ( \x0c instead of \0x13, PrintableString )

commit: 5533e2533af88316226eed609913da52232d4103 [log] [tgz]
author: D.S. Ljungmark <spider@skuggor.se> Sat May 31 13:18:41 2014 +0200
committer: Paul Kehrer <paul.l.kehrer@gmail.com> Wed Apr 15 12:43:05 2015 -0400
tree: 4f6db1bbdf0db6e6ac28c361ed933a50201d8ceb
parent: 0959cb6b0166d838236317af00bdf41c6eb1cb4c [diff] [blame]
diff --git a/OpenSSL/crypto.py b/OpenSSL/crypto.py
index 50ff74f..4999194 100644
--- a/OpenSSL/crypto.py
+++ b/OpenSSL/crypto.py

@@ -463,6 +463,9 @@
         if isinstance(value, _text_type):
             value = value.encode('utf-8')
 
+        # Make it so OpenSSL generates utf-8 strings.
+        _lib.ASN1_STRING_set_default_mask_asc(b'utf8only')
+
         add_result = _lib.X509_NAME_add_entry_by_NID(
             self._name, nid, _lib.MBSTRING_UTF8, value, -1, -1, 0)
         if not add_result:
commit	5533e2533af88316226eed609913da52232d4103	[log] [tgz]
author	D.S. Ljungmark <spider@skuggor.se>	Sat May 31 13:18:41 2014 +0200
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	Wed Apr 15 12:43:05 2015 -0400
tree	4f6db1bbdf0db6e6ac28c361ed933a50201d8ceb
parent	0959cb6b0166d838236317af00bdf41c6eb1cb4c [diff] [blame]