Index: doc/tls.html
==================================================================
--- doc/tls.html
+++ doc/tls.html
@@ -279,10 +279,14 @@
The expiration date for the certificate.
subject dn
The distinguished name (DN) of the certificate subject.
Fields include: Common Name (CN), Organization (O), Locality
or City (L), State or Province (S), and Country Name (C).
+ issuerUniqueID string
+ The issuer unique id.
+ subjectUniqueID string
+ The subject unique id.
num_extensions n
Number of certificate extensions.
extensions list
List of certificate extension names.
@@ -293,10 +297,14 @@
and IP addresses that are secured by the certificate.
certificate cert
The PEM encoded certificate.
+ signatureAlgorithm algorithm
+ Cipher algorithm used for certificate signature.
+ signatureValue string
+ Certificate signature as hex string.
signatureDigest version
Certificate signing digest.
publicKeyAlgorithm algorithm
Certificate signature public key algorithm.
publicKey string
Index: generic/tlsX509.c
==================================================================
--- generic/tlsX509.c
+++ generic/tlsX509.c
@@ -225,10 +225,29 @@
/* Check if cert was issued by CA cert issuer or self signed */
Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj("self_signed", -1));
Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewBooleanObj(X509_check_issued(cert, cert) == X509_V_OK));
}
+
+ /* Unique Ids */
+ {
+ const ASN1_BIT_STRING *iuid, *suid;
+ X509_get0_uids(cert, &iuid, &suid);
+ Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj("issuerUniqueId", -1));
+ if (iuid != NULL) {
+ Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewByteArrayObj((char *)iuid->data, iuid->length));
+ } else {
+ Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj("", -1));
+ }
+
+ Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj("subjectUniqueId", -1));
+ if (suid != NULL) {
+ Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewByteArrayObj((char *)suid->data, suid->length));
+ } else {
+ Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj("", -1));
+ }
+ }
/* Alias */
Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj("alias", -1));
len = 0;
bstring = X509_alias_get0(cert, &len);
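Review bot: The dictionary keys added here are spelled `issuerUniqueId` and `subjectUniqueId`, while doc/tls.html in the same change documents `issuerUniqueID` and `subjectUniqueID`, so a script that looks up the documented names will not find them; one spelling should be used in both places. The `(char *)` casts are also the wrong signedness, since `Tcl_NewByteArrayObj` takes `const unsigned char *` and `ASN1_BIT_STRING.data` is already `unsigned char *`; `Tcl_NewByteArrayObj(iuid->data, iuid->length)` is enough, and likewise for `suid`. The values are returned as raw byte arrays, whereas `signatureValue` later in this commit is returned as hex, so the block comment should state the encoding, for example `/* Unique Ids: raw bytes of the BIT STRING, empty when absent */`. The enclosing function starts and ends outside this hunk.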
@@ -314,8 +333,30 @@
}
sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj("subjectAltName", -1));
Tcl_ListObjAppendElement(interp, certPtr, namesPtr);
}
+
+ /* Signature algorithm and value */
+ {
+ const X509_ALGOR *sig_alg;
+ const ASN1_BIT_STRING *sig;
+ int sig_nid;
+
+ X509_get0_signature(&sig, &sig_alg, cert);
+ /* sig_nid = X509_get_signature_nid(cert) */
+ sig_nid = OBJ_obj2nid(sig_alg->algorithm);
+
+ Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj("signatureAlgorithm", -1));
+ Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj(OBJ_nid2ln(sig_nid),-1));
+
+ Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj("signatureValue", -1));
+ if (sig_nid != NID_undef) {
+ len = String_to_Hex(sig->data, sig->length, publicKey, BUFSIZ);
+ Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj(publicKey, len));
+ } else {
+ Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj("", -1));
+ }
+ }
return certPtr;
}
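Review bot: The call `String_to_Hex(sig->data, sig->length, publicKey, BUFSIZ)` reuses the `publicKey` scratch buffer with a hard-coded `BUFSIZ` bound, and neither the declaration of `publicKey` nor the body of `String_to_Hex` is visible in this hunk, so it cannot be confirmed here that the bound matches the buffer or that an over-long signature is rejected rather than truncated or overrun. The signature length comes from the certificate being parsed, which is presumably peer-supplied, and `BUFSIZ` differs between platforms, so an explicit guard is worth adding, e.g. `if (sig_nid != NID_undef && sig->length >= 0 && (size_t)sig->length * 2 < sizeof(publicKey))` if `publicKey` is an array, or a buffer sized from `sig->length`. Gating the value on `sig_nid != NID_undef` also returns an empty `signatureValue` for a certificate whose signature OID OpenSSL does not recognise, even though the signature bytes exist; a comment such as `/* signature omitted when the algorithm OID is unknown */` would make clear that this is intended. The function starts outside the hunk.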