System information
Extension Joiner
The Certificate System provides policy plug-in modules that allow standard and custom X.509
certificate extensions to be added to end-entity certificates that the server issues. Similarly, the
Certificate Setup Wizard that generates certificates for subsystem users allows extensions to be
selected and included in the certificates. The wizard interface and the request-approval page of
the agent interface contain a text area to paste any extension in its MIME-64 encoded format.
The text field for pasting the extension accepts a single extension blob. To add multiple
extensions, they must first be combined into a single extension blob, then pasted into the text
field. The ExtJoiner tool joins multiple extensions together into a single MIME-64 encoded
blob. This new, combined blob can then be pasted in the wizard text field or the
request-approval page of the agent interface to specify multiple extensions at once.
1. Syntax
The ExtJoiner utility has the following syntax:
ExtJoiner ext_file0 ext_file1 ... ext_fileN
Option Description
ext_file# Specifies the path and names for files
containing the base-64 DER encoding of an
X.509 extension.
Table 17.1.
2. Usage
ExtJoiner does not generate an extension in its MIME-64 encoded format; it joins existing
MIME-64 encoded extensions. To join multiple custom extensions and add the extensions to a
certificate request using ExtJoiner, do the following:
1. Find and note the location of the extension program files.
2. Run ExtJoiner, specifying the extension files. For example, if there are two extension files
named myExt1 and myExt2 in a directory called /etc/extensions, then the command would
be as follows:
ExtJoiner /etc/extensions/myExt1 /etc/extensions/myExt2
Chapter 17.
67