[Mono-list] Creating a certificate

Sebastien Pouliot sebastien.pouliot at gmail.com
Tue Sep 4 07:53:36 EDT 2007


On Tue, 2007-09-04 at 10:57 +0200, Hellan.Kim KHE wrote:
> Hi,
> It's been a while since I have been looking at the Mono support for
> creating a certificate.
> Last time I looked, Mono couldn't quite create the certificate that I
> needed.

Nothing has changed much in Mono.Security.dll, at least with respect to
certificates, for a long time.

New stuff has happened, but all inside System.dll v2, so a lot more
stuff and x.509 extensions are available. Sadly System.dll v2 doesn't
allow you to encode certificates, only to decode them.

> I need:
> A certificate signed by a CA (cert/key).
> Support for keyUsage, crlDistributionPoints, basicConstraints,
> certificatePolicies, authorityKeyIdentifier, subjectAltName,
> subjectKeyIdentifier extensions.
> What is the status on Mono at the moment... can I use the Mono.Security
> classes to create such a certificate?

Yes, but like before you'll need to implement yourself the extensions
that aren't supported (or encoded) by Mono.Security.dll. 

While the design is extensible the contributions in this area didn't
extend very much ;-) and Mono.Security.dll already supports what
required for the .net framework/tools itself.

Sebastien Pouliot  <sebastien at ximian.com>
Blog: http://pages.infinit.net/ctech/

More information about the Mono-list mailing list