Open
Bug 286507
Opened 20 years ago
Updated 2 years ago
certutil needs non-interactive way to specify cert extensions
Categories
(NSS :: Tools, enhancement, P3)
Tracking
(Not tracked)
NEW
People
(Reporter: nelson, Unassigned)
Details
When certutil is run to create a cert or CSR, and command line options
are given to request certain cert extensions, certutil goes into a
line-by-line prompt-and-answer interactive mode to collect info about
the extensions. This is not good for scripting.
certutil needs a non-interactive way to be able to fully specify all the
extensions that it now can create.
Here is a suggestion for how it might be done (not required to be this way):
I suggest a single new command line options that takes a string argument.
The command line option says "add an extension specified as follows".
The string will specify all the following:
- the extension type/name
- izzit critical
- any other relevant options, e.g. is-a-ca, path length constrraint,
key usage, etc.
I'd prefer if the argument string used mnemonic names rather than numbers
where possible, e.g. "KE" or "Key cipher" or "Key Encipherment" rather than 2.
This is all in addition to the existing methods, not a replacement for them.
|
Reporter | |
Updated•20 years ago
|
OS: Windows 3.1 → All
Priority: -- → P3
|
|
Reporter | |
Updated•20 years ago
|
QA Contact: bishakhabanerjee → jason.m.reid
|
|
Reporter | |
Updated•19 years ago
|
QA Contact: jason.m.reid → tools
|
||
Updated•18 years ago
|
Target Milestone: --- → 3.11.8
|
|
||
Updated•18 years ago
|
Target Milestone: 3.11.8 → Future
|
|
||
Updated•18 years ago
|
Target Milestone: Future → ---
|
|
Reporter | |
Updated•17 years ago
|
Assignee: neil.williams → nobody
|
||
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•