The implementation of the "Extended Key Usage" attribute now allows the creation of certificates that require this extension. The following extended key usage types have been implemented through a new setting in the certificate verification screens: serverAuth, clientAuth, codeSigning, emailProtection, timeStamping, and ocspSigning.
An issue where the nasty P12 export function still created a zero byte P12 file when no private key was pasted at all was fixed. There is now an extra comment on the Web request form that the private key file is really needed for PKCS12 export.
P12エクスポート機能を使用するときに、プライベートキーに複数の末尾には空行を貼り付けされ、空のゼロp12ファイルのバイトの作成に失敗しました。 S / MIMEの証明書を作成するためのリンクをどのように助けるためにを追加しました。
タグ:
Minor bugfixes
The P12 export function failed when a private key
was pasted with multiple trailing empty lines,
creating a empty zero byte p12 file. A link for a
S/MIME certificate creation how-to was added to
help.
Generation of S/MIME certificates is fully supported. The new certexport.cgi convienently converts an existing PEM certificate into either DER or PKCS12 format. The certsearch.cgi function has been expanded to filter certificates by their serial number. The [Go Back] button in genrequest.cgi now correctly refers back to buildrequest.cgi instead of pointing to certrequest.cgi. The latest CGI were missing in the top level Makefile. The REQLEN parameter was too small for certificates with a 4096 bit key. A minor display bug in the HTML table of getcert.cgi was fixed.
The new CGI certsearch.cgi can search in all
exisiting certificates, filtering the cert store
per subject field, validation, or expiration date.
This helps to identify certificates that are about
to expire and renew them before they become
invalid. Font cleanup was done in certverify.cgi
and genrequest.cgi for a consistent look and feel.
