Home GnuPG
Diffusion GnuPG 28c157b55cf6

Support X.509 certificate creation.
28c157b55cf6Unpublished
Actions

Unpublished Commit · Learn More

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

Support X.509 certificate creation.

Using "gpgsm --genkey" allows the creation of a self-signed
certificate via a new prompt.

Using "gpgsm --genkey --batch" should allow the creation of arbitrary
certificates controlled by a parameter file. An example parameter file
is

Key-Type: RSA
Key-Length: 1024
Key-Grip: 2C50DC6101C10C9C643E315FE3EADCCBC24F4BEA
Key-Usage: sign, encrypt
Serial: random
Name-DN: CN=some test key
Name-Email: foo@example.org
Name-Email: bar@exmaple.org
Hash-Algo: SHA384
not-after: 2038-01-16 12:44

This creates a self-signed X.509 certificate using the key given by
the keygrip and using SHA-384 as hash algorithm. The keyword
signing-key can be used to sign the certificate with a different key.
See sm/certreggen.c for details.

Details

Provenance
wernerAuthored on Mar 1 2011, 2:42 PM
Parents
rGbb6d1b48f61d: Update some M4 files and AUTHORS.
Branches
Unknown
Tags
Unknown

Event Timeline

Werner Koch <wk@gnupg.org> committed rG28c157b55cf6: Support X.509 certificate creation. (authored by Werner Koch <wk@gnupg.org>).Mar 1 2011, 2:42 PM

Changes (8)

PathSize
doc/
sm/

rG28c157b55cf6

View Options

NEWS

Loading...
View Options

doc/DETAILS

Loading...
View Options

sm/ChangeLog

Loading...
View Options

sm/certreqgen-ui.c

Loading...
View Options

sm/certreqgen.c

Loading...
View Options

sm/gpgsm.h

Loading...
View Options

sm/keylist.c

Loading...
View Options

sm/misc.c

Loading...