You are here: Foswiki>Main Web>OpenSSLCertificateExtensions (28 Dec 2010, AvishaiIshShalom)EditAttach
A list of common OpenSSL? extensions definitions.
SSL Server
basicConstraints = CA:FALSE keyUsage = nonRepudiation, digitalSignature, keyEncipherment extendedKeyUsage = serverAuth nsCertType = server
General client certificate (SSL Client, Email, etc.)
basicConstraints = CA:FALSE keyUsage = nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment extendedKeyUsage = clientAuth, emailProtection nsCertType = client, email
MS domain controller
basicConstraints = CA:FALSE keyUsage = digitalSignature, keyEncipherment extendedKeyUsage = clientAuth, serverAuth
VPN Client
basicConstraints = CA:FALSE keyUsage = digitalSignature, keyEncipherment, dataEncipherment, keyAgreement extendedKeyUsage = clientAuth
VPN Server
basicConstraints = CA:FALSE keyUsage = digitalSignature, keyEncipherment, dataEncipherment, keyAgreement extendedKeyUsage = clientAuth, serverAuth
Notes
-- AvishaiIshShalom - 09 Jun 2010Edit | Attach | Print version | History: r2 < r1 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r2 - 28 Dec 2010 - 09:53:06 - AvishaiIshShalom
Main |
|
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding Foswiki? Send feedback