summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2014-10-27 14:46:16 -0700
committerelijah <elijah@riseup.net>2014-10-27 14:46:16 -0700
commit8067a244be533aac273725bef70618bae6f557cc (patch)
tree928a50f199288b34ce20517747ad7eaadce121bd /lib
parent09bd68966c57eb9b464625eb2c2bb86d14847c0f (diff)
certs: fix csr generation (correct the key usage, remove msExtReq from attributes)
Diffstat (limited to 'lib')
-rw-r--r--lib/leap_cli/commands/ca.rb3
1 files changed, 1 insertions, 2 deletions
diff --git a/lib/leap_cli/commands/ca.rb b/lib/leap_cli/commands/ca.rb
index ea4c8a8..ecc324b 100644
--- a/lib/leap_cli/commands/ca.rb
+++ b/lib/leap_cli/commands/ca.rb
@@ -303,7 +303,7 @@ module LeapCli; module Commands
basic.ca = false
}
extensions << CertificateAuthority::Extensions::KeyUsage.new.tap {|keyusage|
- keyusage.usage = ["digitalSignature", "nonRepudiation"]
+ keyusage.usage = ["digitalSignature", "keyEncipherment"]
}
extensions << CertificateAuthority::Extensions::ExtendedKeyUsage.new.tap {|extkeyusage|
extkeyusage.usage = [ "serverAuth"]
@@ -317,7 +317,6 @@ module LeapCli; module Commands
)])
attrs = [
OpenSSL::X509::Attribute.new("extReq", attrval),
- OpenSSL::X509::Attribute.new("msExtReq", attrval)
]
csr.attributes = attrs