Added CreateOriginBound method to x509_certificate.h.

net/base/origin_bound_cert_service.cc

Index: net/base/origin_bound_cert_service.cc
diff --git a/net/base/origin_bound_cert_service.cc b/net/base/origin_bound_cert_service.cc
index 50d45c446e2fe41906a3d62802354acb45ee5460..4f53fc329287dee2554ac38e7a364efce28fceb2 100644
--- a/net/base/origin_bound_cert_service.cc
+++ b/net/base/origin_bound_cert_service.cc
@@ -316,19 +316,25 @@ int OriginBoundCertService::GenerateCert(const std::string& origin,
                                          uint32 serial_number,
                                          std::string* private_key,
                                          std::string* cert) {
-  std::string subject = "CN=OBC";
   scoped_ptr<crypto::RSAPrivateKey> key(
       crypto::RSAPrivateKey::Create(kKeySizeInBits));
   if (!key.get()) {
     LOG(WARNING) << "Unable to create key pair for client";
     return ERR_KEY_GENERATION_FAILED;
   }
-
+#if defined(USE_NSS)
+  scoped_refptr<X509Certificate> x509_cert = X509Certificate::CreateOriginBound(
+      key.get(),
+      origin,
+      serial_number,
+      base::TimeDelta::FromDays(kValidityPeriodInDays));
+#else
   scoped_refptr<X509Certificate> x509_cert = X509Certificate::CreateSelfSigned(
       key.get(),
-      subject,
+      "CN=anonymous.invalid",
       serial_number,
       base::TimeDelta::FromDays(kValidityPeriodInDays));
+#endif
   if (!x509_cert) {
     LOG(WARNING) << "Unable to create x509 cert for client";
     return ERR_ORIGIN_BOUND_CERT_GENERATION_FAILED;