ckrueger1979

Thanks for the explanation. I would none the less expect "True" or "False" not Error 2 ;-)

``` PS C:\> $error[0].Exception.InnerException.StackTrace at System.Security.Cryptography.X509Certificates.X509AlternativeName.decodeFromRawData(Byte[] asnData) in c:\temp\pkix.net\PKI\Cryptography\X509Certificates\X509AlternativeName.cs:line 426 at System.Security.Cryptography.X509Certificates.X509NameConstraintsExtension.decodeNamesFromAsn(Byte[] rawData) in c:\temp\pkix.net\PKI\Cryptography\X509Certificates\X509NameConstraintsExtension.cs:line 103 at System.Security.Cryptography.X509Certificates.X509NameConstraintsExtension.m_decode(Byte[] rawData) in c:\temp\pkix.net\PKI\Cryptography\X509Certificates\X509NameConstraintsExtension.cs:line 79 at PKI.Utils.CryptographyUtils.ConvertExtension(X509Extension extension) in c:\temp\pkix.net\PKI\Utils\CryptographyUtils.cs:line 61 at SysadminsLV.PKI.Cryptography.X509Certificates.X509CertificateBuilder.processExtensions()...

Waow, that was fast. Thanks!

PS: csr is valid according to `.\openssl.exe req -text -noout -verify -in`

Send as requested

Maybe I found the error myself. One of the subject alternative names is bogus. It begins with a "."

Thank you very much.

Any progress on this front?

1. Lines that are longer then 1023 chars 2. Take a long line of unobfuscated code, the obfuscator elongates the line above 1023 chars -> broken VBA I would expect...

My compiler construction lecture was 20 years ago, sorry that I've mixed something up. I thought the parser should be able to parse and emit only valid language and otherwise...