x509: support certificates with human-friendly annotations
currently, in our private puppet repository, x509 certificates (as well as private keys) are annotated with human-friendly information.
for human-friendliness of unit-test certificates (including in software relying on lasso, e.g. authentic), such annotation would benefit from being supported by lasso.
fyi the annotation shell script relies on openssl cli, as follows :
for pem in *.pem *.key do if test -r $pem then echo " " $pem openssl crl2pkcs7 -nocrl -certfile $pem | openssl pkcs7 -print_certs -text -out $pem.$$-new openssl rsa -in $pem -text >> $pem.$$-new 2> /dev/null || /bin/true mv $pem.$$-new $pem fi done