chris2511 / xca

X Certificate and Key management
http://xca.hohnstaedt.de

Feature request to have DHE/ECDHE based certificate creation #498

Closed ciscohack closed 1 month ago

ciscohack commented 10 months ago

Hello Chris,

First I would like to thank you for such a great tool, it helps a lot in my day-to-day lab creation. But I missed one option and hope to get this in future releases. Can you add DHE and ECDHE or ECDH-based server certificates? I know this option is only for server/client certificates. Hence, I request you to please include this option to have this extension in the extension option in the next release.

Please do ack to my feature request

chris2511 commented 1 month ago

As far as I know, (EC)DH(E) is part of the TLS key exchange to reach Perfect-Forward-Secrecy. It has nothing to do with the certificate itself. I did not find anything on the internet about "ECDHE or ECDH-based server certificates". Also, I know nothing about an ECDHE extension. Maybe I'm just too ignorant/blind.

Please point me to any RFC or other spec and even better attach an example "ECDHE or ECDH-based server certificate" for me to see what you mean. TIA
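The separation described in the comment above can be read straight out of OpenSSL's cipher suite metadata. This is an added example, not part of the thread and not XCA code; the cipher string and helper names are chosen here for illustration, and it assumes a Python build linked against OpenSSL 1.1.0 or later.

```python
import ssl
from collections import defaultdict

# Assumption: the Python build links OpenSSL 1.1.0 or later, which reports the
# "kea" (key exchange) and "auth" (certificate key type) fields per suite.
CIPHER_STRING = "ECDHE+AESGCM:DHE+AESGCM"  # constructed selection for this demo


def enabled_suites(cipher_string=CIPHER_STRING):
    """Return the cipher suites OpenSSL enables for the given cipher string."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)  # no certificate is loaded
    ctx.set_ciphers(cipher_string)
    return ctx.get_ciphers()


def auth_by_key_exchange(suites):
    """Map each key-exchange method to the certificate key types it pairs with."""
    table = defaultdict(set)
    for suite in suites:
        table[suite.get("kea", "unknown")].add(suite.get("auth", "unknown"))
    return {kx: sorted(auths) for kx, auths in table.items()}


def suites_for_certificate(suites, auth):
    """List (suite name, key exchange) pairs that one certificate key type can serve."""
    return sorted(
        (s["name"], s.get("kea", "unknown")) for s in suites if s.get("auth") == auth
    )


if __name__ == "__main__":
    suites = enabled_suites()
    # The same ECDHE key exchange appears with RSA and with ECDSA certificates.
    for kx, auths in sorted(auth_by_key_exchange(suites).items()):
        print(f"{kx:10} -> {', '.join(auths)}")
    # One ordinary RSA certificate serves both ECDHE and DHE suites.
    for name, kx in suites_for_certificate(suites, "auth-rsa"):
        print(f"RSA certificate: {name} ({kx})")
```

TLS 1.3 suites show up as `kx-any` / `auth-any` because TLS 1.3 suite names no longer encode either property.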

ciscohack commented 1 month ago

@chris2511 Thanks for the comment, my friend. I don't have a certificate sample at the moment, but if I can find one I will surely share it. Btw, what is the plan for adding the UPN feature to certificates? Any plan?

chris2511 commented 1 month ago

> what is the plan of UPN feature addition in certificate ..any plan?

#90 and #315 closed with 60ca584266743c17895e8cb03ef407a5d1ffa3bb and 2b3f4dd039873a67cbc1fd65c83b4e7a224afd65

Additional check during certificate enrollment demanded by #239 implemented with 5f4308245c2dc802d9273a70649cbbe64f4b5b8a