As kind of an extension of defect
http://bugzilla.mozilla.org/show_bug.cgi?id=112940 we need the ability to issue
and request certificates with the SubjectAltName extension set.
It would be great to be able to do this this using certutil as well.
Assigned to Bob for evaluation.
We'd need the necessary APIs to add SubjectAltName extensions to the certificate
request, and to issue certs with that extension, PLUS the ability to use these
CERT_CreateCertificateRequest seems to have the ability to pass in SECItems as
attributes, but I'm not sure if this would be the proper way to pass
Also, my limited understanding of the code in CERT_CreateCertificate leads me to
believe that extensions/attributes are not copied when the certificate is
created from the request.
Set target milestone 3.4.1, priority P1.
Changed the QA contact to Bishakha.
Bob, could you evaluate this enhancement request?
This will require some research. I have never really looked at the cert request
code, though the cert request API have been mostly replaced by the CRMF/CMMF
code. It may be the we want to reprioritize this as a CMMF function.
Set priority P1.
Moved to 3.6.
Moved to Future for now. Will consider this
for NSS 3.7.
Moved to target milestone 3.8 because the original
NSS 3.7 release has been renamed 3.8.
Created attachment 111102 [details] [diff] [review]
Add support to build single certs with multiple DNS names
Fix checked in.
NOTE: it does not generate cert requests with the multiple DN, but it can take a
cert request and build a cert with the multiple DN's int the cert.