I created a self-signed SSL certificate and have no problems using it, but the browser (Firefox, Chrome / IE) shows distorted characters in the name of the organization (something above ASCII has 2 characters).
I created the certificate in Debian running on a virtual server (Win host), the shell locale is * .UTF-8, and I used CA.pl to do this. I can create files with Unicode characters and have no other problems, but the certificate has "Organizauçà £ o" instead of "Organização".
Any tips? Avoid characters (how)? Discard locale to ISO / IEC 8859-1? Using some method without shell? Am I missing something obvious?
On the side of the note, is there a simple way (e.g. 4ummies ™) for distributing the certificate so that the user can simply click and install? All the wires I've seen include too many windows for the average user; and without installing it, the browser will screech every time a user visits (except for Firefox, which makes it easy to install it through a warning).
Change 1
Checking the asn1parse man page and its example:
openssl asn1parse -genstr 'UTF8:Organização'
gives:
0:d=0 hl=2 l= 17 prim: UTF8STRING :Organização
So, I guess this is a typing issue. This is my local info:
LANG=pt_PT.utf8
LANGUAGE=en_US:en
All LC_* fields="pt_PT.utf8"
LC_ALL=
I have no problem touching Organização or any other files with nonASCII characters, but my CA certificate is silent up to 8 bits.
Edit 2
, OpenSSL. man req, this "": , T61String OpenSSL BMPString
, :
openssl asn1parse -genstr 'BMP:Organização'
:
0:d=0 hl=2 l= 26 prim: BMPSTRING