Add a tool which can sync the Mono cert store from an arbitrary cert bundle (i.e...

[mono.git] / mcs / tools / security / makecert.cs

diff --git a/mcs/tools/security/makecert.cs b/mcs/tools/security/makecert.cs
index bb1616a58ec0e9d6dad083a9490185150174923e..99baefdd8b75df074ceaff4f1170f692230f1283 100644 (file)
--- a/mcs/tools/security/makecert.cs
+++ b/mcs/tools/security/makecert.cs
@@ -111,6 +111,7 @@ namespace Mono.Tools {
                        CspParameters issuerParams = new CspParameters ();
                        BasicConstraintsExtension bce = null;
                        ExtendedKeyUsageExtension eku = null;
+                       SubjectAltNameExtension alt = null;
                        string p12file = null;
                        string p12pwd = null;
                        X509Certificate issuerCertificate = null;
@@ -214,6 +215,12 @@ namespace Mono.Tools {
                                                        }
                                                        bce.PathLenConstraint = Convert.ToInt32 (args [i++]);
                                                        break;
+                                               case "-alt":
+                                                       if (alt == null) {
+                                                               string [] dnsNames = File.ReadAllLines (args [i++]);
+                                                               alt = new SubjectAltNameExtension (null, dnsNames, null, null);
+                                                       }
+                                                       break;
                                                case "-ic":
                                                        issuerCertificate = LoadCertificate (args [i++]);
                                                        issuer = issuerCertificate.SubjectName;
@@ -393,6 +400,8 @@ namespace Mono.Tools {
                                        cb.Extensions.Add (bce);
                                if (eku != null)
                                        cb.Extensions.Add (eku);
+                               if (alt != null)
+                                       cb.Extensions.Add (alt);
                                // signature
                                cb.Hash = hashName;
                                byte[] rawcert = cb.Sign (issuerKey);