certtool: added options to set arbitrary extensions to certificates and requests

This allows setting arbitrary extensions using the following new template options: add_extension = "5.6.7.8 0x0001020304050607AAABCD" add_critical_extension = "9.10.11.12.13.14.15.16.17.1.5 0xCAFE" The "0x" prefix can be omitted.
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2016-07-11 11:43:10 +0200
committer: GitLab <gitlab@gitlab.com> 2016-07-13 12:28:11 +0000
commit: ac51009cc237141c8787a49b75226a2f87f124f5 (patch)
tree: 1620dabbd2615585df97c32abf118031eec66088 /src/certtool-args.def
parent: 2f88e2b5b4b27ad67d68d6d4ad872a2b2fb93f9e (diff)
download: gnutls-ac51009cc237141c8787a49b75226a2f87f124f5.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/src/certtool-args.def b/src/certtool-args.def
index 931cbe8832..e0325b00f2 100644
--- a/src/certtool-args.def
+++ b/src/certtool-args.def
@@ -903,6 +903,14 @@ encryption_key
 
 ### end of key purpose OIDs
 
+### Adding arbitrary extensions
+# This requires to provide the extension OIDs, as well as the extension data in
+# hex format.
+#add_extension = "1.2.3.4 0x0AAB01ACFE"
+
+# For portability critical extensions shouldn't be set to certificates.
+#add_critical_extension = "5.6.7.8 0x1AAB01ACFE"
+
 # When generating a certificate from a certificate
 # request, then honor the extensions stored in the request
 # and store them in the real certificate.
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2016-07-11 11:43:10 +0200
committer	GitLab <gitlab@gitlab.com>	2016-07-13 12:28:11 +0000
commit	ac51009cc237141c8787a49b75226a2f87f124f5 (patch)
tree	1620dabbd2615585df97c32abf118031eec66088 /src/certtool-args.def
parent	2f88e2b5b4b27ad67d68d6d4ad872a2b2fb93f9e (diff)
download	gnutls-ac51009cc237141c8787a49b75226a2f87f124f5.tar.gz