Open Bug 969820 Opened 10 years ago Updated 6 months ago

certutil lacks a mechanism to encode generic extensions

Categories

(NSS :: Tools, enhancement, P5)

3.16
enhancement

Tracking

(Not tracked)

People

(Reporter: KaiE, Unassigned)

certutil doesn't offer a way to add generic extensions.
Only the type of extensions that certutil already knows about can be added.

It would be nice if NSS offered a syntax to describe arbitrary extensions, similar to what openssl offers and is described here:
http://www.openssl.org/docs/apps/x509v3_config.html#ARBITRARY_EXTENSIONS
Component: Libraries → Tools
I agree it would be awesome to support the "DER:<raw bytes>" syntax, at least. It would make it possible to use certutil to generate invalid test cases for certificate handling.

Kai, are you going to be working on this?
See Also: → 969822
> Kai, are you going to be working on this?

This is a tracking bug for the general purpose solution (which I'm not going to work on).

Rather, I'm going to implement the workaround that is described in bug 969822 - please let's use bug 969822 for the workaround you are looking for. I believe the work I'll do will help you, even though it will require you to load the binary extension (or the invalid data for testing) from a separate file (instead of the inline syntax you suggested).
Severity: normal → S3
Severity: S3 → N/A
Priority: -- → P5
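
To make the request in this bug concrete, here is an added example (not certutil, NSS or OpenSSL code) of what a generic-extension encoder has to produce from an OpenSSL-style `[critical,]DER:hh:hh:...` value: the RFC 5280 Extension SEQUENCE with the raw bytes wrapped unexamined in the OCTET STRING, which is why the syntax is useful for building malformed test certificates. All function names and the sample OID are assumptions, and only the `DER:` form is handled.

```python
# Added example (not NSS or OpenSSL code): encode one X.509 Extension
# (RFC 5280: SEQUENCE { extnID OID, critical BOOLEAN DEFAULT FALSE,
# extnValue OCTET STRING }) from an OpenSSL-style "[critical,]DER:hh:hh" spec.

def der_len(n: int) -> bytes:
    """DER definite length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + der_len(len(content)) + content

def encode_oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError(f"invalid OID: {dotted}")
    out = bytearray()
    for sub in [arcs[0] * 40 + arcs[1]] + arcs[2:]:
        chunk = [sub & 0x7F]              # base-128, last byte has high bit clear
        sub >>= 7
        while sub:
            chunk.append(0x80 | (sub & 0x7F))
            sub >>= 7
        out += bytes(reversed(chunk))
    return tlv(0x06, bytes(out))

def parse_spec(spec: str) -> tuple:
    """Split '[critical,]DER:hh:hh:...' into (critical, raw value bytes)."""
    critical = False
    if spec.startswith("critical,"):
        critical, spec = True, spec[len("critical,"):]
    if not spec.startswith("DER:"):
        raise ValueError("only the DER: form is handled here")
    return critical, bytes.fromhex(spec[4:].replace(":", ""))

def encode_extension(oid: str, spec: str) -> bytes:
    critical, value = parse_spec(spec)
    body = encode_oid(oid)
    if critical:                          # DEFAULT FALSE must be omitted in DER
        body += tlv(0x01, b"\xff")
    body += tlv(0x04, value)              # value bytes are wrapped, never validated
    return tlv(0x30, body)

if __name__ == "__main__":
    # Constructed sample: placeholder OID with a BOOLEAN TRUE payload.
    print(encode_extension("1.2.3.4", "critical,DER:01:01:FF").hex())
```
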