Releases · bp2008/SSL-Certificate-Maker

Version 2.0

Version 2.0 adds some capabilities to the app while attempting to retain the extreme simplicity of the original design.

Generated certificates are now kept in subfolders named either CA or CERT depending on their purpose.
- CA folder for certificate authorities
- CERT folder for regular certificates (e.g. for a web server)
The Issuer/Certificate Authority dropdown list is now populated only from items in the "CA" subfolder.
If upgrading from version 1.x, it is advisable to move all existing certificates to the above mentioned subfolders depending on their intended purpose.

The app is now aware of and will persist certificate chains (certificates of the issuers, in a chain leading back to a root certificate authority) when creating or converting certificates.
- When dealing with .cer & .key files, the full chain must be included in the .cer file. The app does not support the use of a separate file for the chain.
- When writing the chain to a .cer file, the app will order certificates such that each certificate is the issuer of the one above it. Any ordering is acceptable when reading an existing .cer file; the app will figure out the correct order as long as the chain is unbroken.
- The app will not read from the operating system's certificate store when attempting to resolve the certificate chain.
Key Usage and Extended Key Usage attributes may now be set in new certificates.
Added "preset" buttons for "CA" and "Web Server" certificate creation. These buttons assign reasonable default settings, particularly for Key Usage and Extended Key Usage.
Basic Constraints are now set in new certificates, identifying if it is a Certificate Authority or not. A certificate will be considered a CA if its Key Usage attributes are "CRL Signing" and "Certificate Signing".