Q1: Is there a way to add custom extention attributes (e.g. CertificatePolicies, ExtemdedKeyUsage, KeyUsage, Admission,...) to an CSR generated with bouncyCastle 1.5.1?
Q2: Will a CA take extention attributes into account at all?
Asked
Active
Viewed 2,425 times
1 Answers
1
Q1: See Adding attributes to certificate request, java + bouncycastle 1.48
Q2: This may depend on the CA, but I think the answer is usually "no". Certainly no CA will just copy CertificatePolicies, KeyUsage or ExtendedKeyUsage from your CSR to the certificate, as that would be horribly insecure.
