common/tools/cryptogen/ca/generator.go · 3c0d63c3db8cb84a57ff49fd984712a5393f5ed6 · zistvan-public / StreamChain Prototype

Explicitly set ext key usage for CA · 3c0d63c3

Gari Singh authored Jan 02, 2019



The generated CA certificates currently have
contain anyExtendedKeyUsage in their
Extended Key Usage attributes.  This is
actually not allowed and is now enforced by
openssl 1.1 and later.

This change explicitly adds only ClientAuth
and ServerAuth to the CA's Extended Key
Usage attributes.

FAB-13439 #done

Change-Id: Ia2586563bd46c2978704999d1d9307d110bbcc98
Signed-off-by: Gari Singh <gari.r.singh@gmail.com>

3c0d63c3