Revision 58b2334f
Added by Jim Pingle almost 6 years ago
| src/usr/local/share/pfSense/ssl/openssl.cnf | ||
|---|---|---|
| 195 | 195 |
nsComment = "OpenSSL Generated Server Certificate" |
| 196 | 196 |
subjectKeyIdentifier = hash |
| 197 | 197 |
authorityKeyIdentifier = keyid,issuer:always |
| 198 |
extendedKeyUsage = serverAuth,1.3.6.1.5.5.8.2.2 |
|
| 198 |
extendedKeyUsage = serverAuth,clientAuth,1.3.6.1.5.5.8.2.2
|
|
| 199 | 199 |
|
| 200 | 200 |
[ server_san ] |
| 201 | 201 |
|
| ... | ... | |
| 206 | 206 |
nsComment = "OpenSSL Generated Server Certificate" |
| 207 | 207 |
subjectKeyIdentifier = hash |
| 208 | 208 |
authorityKeyIdentifier = keyid,issuer:always |
| 209 |
extendedKeyUsage = serverAuth,1.3.6.1.5.5.8.2.2 |
|
| 209 |
extendedKeyUsage = serverAuth,clientAuth,1.3.6.1.5.5.8.2.2
|
|
| 210 | 210 |
subjectAltName = $ENV::SAN |
| 211 | 211 |
|
| 212 | 212 |
[ req_usr_cert ] |
| ... | ... | |
| 236 | 236 |
keyUsage = digitalSignature, keyEncipherment |
| 237 | 237 |
nsComment = "OpenSSL Generated Server Certificate" |
| 238 | 238 |
subjectKeyIdentifier = hash |
| 239 |
extendedKeyUsage = serverAuth,1.3.6.1.5.5.8.2.2 |
|
| 239 |
extendedKeyUsage = serverAuth,clientAuth,1.3.6.1.5.5.8.2.2
|
|
| 240 | 240 |
|
| 241 | 241 |
[ req_server_san ] |
| 242 | 242 |
|
| ... | ... | |
| 246 | 246 |
keyUsage = digitalSignature, keyEncipherment |
| 247 | 247 |
nsComment = "OpenSSL Generated Server Certificate" |
| 248 | 248 |
subjectKeyIdentifier = hash |
| 249 |
extendedKeyUsage = serverAuth,1.3.6.1.5.5.8.2.2 |
|
| 249 |
extendedKeyUsage = serverAuth,clientAuth,1.3.6.1.5.5.8.2.2
|
|
| 250 | 250 |
subjectAltName = $ENV::SAN |
| 251 | 251 |
|
| 252 | 252 |
[ v3_req ] |
Also available in: Unified diff
Add clientAuth EKU to Server type certificates. Fixes #9868
(cherry picked from commit 46869dd2b5ebf32e8297d65f98444fb38d314336)