Keeping the work in progress after the new 0.6.0 version, I'm pleased to announce the 0.5.4 version of gnoMint: a graphical X.509 Certification Authority management tool. This version adds adds some features:
- Now it is possible to generate CRLs for all the CAs in the hierarchy, not only the first root CA.
- Now, the dependences between certificate uses and certificate purposes are enforced.
- Now, the CA used for inheriting fields while creating a CSR is remembered, so it is the default selected CA while signing it.
- Just created files now in 0600 mode, so only owner car read them.
- gnoMint now can compile with much stricter compiler parameters (not enabled by default).
- A lot of autotools cleaning, thanks to Stanek Lubos <email@example.com>
- Now, certificates (CA and non-CA) can be imported from external files.
- Added Swedish translation, thanks to Launchpad.net collaborators.
There are also several fixes:
- Expired certificates appear only in the first CRL released after the expiration date, according to RFC 5280 (page 13).
- Subject and issuer key id are properly set, according to RFC 5280
- Fixing segmentation fault when the CSR or the CA certificates have NULL fields.
- Fixing problem: only the first certificate in database could sign CSRs in password-protected databases.
- Fixing problem: now expiration time is properly set (there was a problem related with the difference between UTC and localtime).
- Some other segmentation faults are fixed too.
You can get the tarball from sourceforge mirrors: http://prdownloads.sourceforge.net/gnomint/gnomint-0.5.4.tar.gz?download