[Date Prev][Date Next]
Any problems with X.509v3 Extensions?
Does anyone know of any known-problems with OpenLDAP server/client-side
certificates signed with X509 v3 Extensions?
$ openssl x509 -text -in interface.crt.pem
X509v3 Subject Alternative Name:
Netscape Cert Type:
SSL Server, S/MIME, Object Signing
X509v3 Extended Key Usage:
TLS Web Server Authentication
[ v3_req_ext ]
nsCertType = server, email, objsign
nsComment = "OpenSSL Generated Server Certificate"
# .2 = Client, .1 = Server
#extendedKeyUsage = 184.108.40.206.220.127.116.11.2
extendedKeyUsage = 18.104.22.168.22.214.171.124.1
This is the way Godaddy rocks out.
Every year I go through suffer through hours of self abnegation trying to
re-issue certificates for a dozen F/OSS applications that all have little
caveats --- This year I'm writing that shit down >:}