generating eddsa certs with certutil?
12 views
Skip to first unread message
Andrew Cagney
Sep 27, 2025, 8:29:43 AM (9 days ago) Sep 27
to dev-tec...@mozilla.org
Hi,
I'm merging Rishabh Kumar's EDDSA changes into Libreswan (yes, it's
been a while).
Currently I'm stuck on the tweaks needed to generate EDDSA test certs.
The patch used openssl since, at the time, libreswan was using an
interesting combination of pyOpenSSL and raw openssl commands.
Unfortunately, since the patch was written, pyOpenSSL was deprecated;
our solution being to flush that code and use NSS instead. Rather
than re-introduce an openssl dependency, is it possible to generate
certs using cerutil? I couldn't see anything in the documentation.
Andrew
I'm merging Rishabh Kumar's EDDSA changes into Libreswan (yes, it's
been a while).
Currently I'm stuck on the tweaks needed to generate EDDSA test certs.
The patch used openssl since, at the time, libreswan was using an
interesting combination of pyOpenSSL and raw openssl commands.
Unfortunately, since the patch was written, pyOpenSSL was deprecated;
our solution being to flush that code and use NSS instead. Rather
than re-introduce an openssl dependency, is it possible to generate
certs using cerutil? I couldn't see anything in the documentation.
Andrew
Reply all
Reply to author
Forward
0 new messages