[Mono-list] Creating a certificate

Hellan.Kim KHE KHE at kmd.dk
Tue Sep 4 09:43:40 EDT 2007


I actually don't need that many extensions. Those already in the ..\Mono.Security.X509.Extension folder would do just fine.
The problem is, as you mention, that they don't seem to be "finished" as most of them only got a Decode() method, but not an Encode() method.

Unfortunately my knowledge about certificate encoding is too limited, to be able to complete the extension classes :(

I would have preferred to use Mono, but if someone knows another way of creating certificates incl. extensions in .NET, please let me know.


-----Oprindelig meddelelse-----
Fra: mono-list-bounces at lists.ximian.com [mailto:mono-list-bounces at lists.ximian.com] På vegne af Sebastien Pouliot
Sendt: 4. september 2007 13:54
Til: Hellan.Kim KHE
Cc: Mono List
Emne: Re: [Mono-list] Creating a certificate


On Tue, 2007-09-04 at 10:57 +0200, Hellan.Kim KHE wrote:
> Hi,
> It's been a while since I have been looking at the Mono support for
> creating a certificate.
> Last time I looked, Mono couldn't quite create the certificate that I
> needed.

Nothing has changed much in Mono.Security.dll, at least with respect to
certificates, for a long time.

New stuff has happened, but all inside System.dll v2, so a lot more
stuff and x.509 extensions are available. Sadly System.dll v2 doesn't
allow you to encode certificates, only to decode them.

> I need:
> A certificate signed by a CA (cert/key).
> Support for keyUsage, crlDistributionPoints, basicConstraints,
> certificatePolicies, authorityKeyIdentifier, subjectAltName,
> subjectKeyIdentifier extensions.
> What is the status on Mono at the moment... can I use the Mono.Security
> classes to create such a certificate?

Yes, but like before you'll need to implement yourself the extensions
that aren't supported (or encoded) by Mono.Security.dll. 

While the design is extensible the contributions in this area didn't
extend very much ;-) and Mono.Security.dll already supports what
required for the .net framework/tools itself.

Sebastien Pouliot  <sebastien at ximian.com>
Blog: http://pages.infinit.net/ctech/

Mono-list maillist  -  Mono-list at lists.ximian.com

More information about the Mono-list mailing list