Merge pull request #3659 from vin01/master

Add EKU extension for dummy certificates
This commit is contained in:
Maximilian Hils 2019-10-04 16:24:19 +02:00 committed by GitHub
commit fed3d3eb37
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions

View File

@ -115,6 +115,13 @@ def dummy_cert(privkey, cacert, commonname, sans, organization):
cert.set_version(2)
cert.add_extensions(
[OpenSSL.crypto.X509Extension(b"subjectAltName", False, ss)])
cert.add_extensions([
OpenSSL.crypto.X509Extension(
b"extendedKeyUsage",
False,
b"serverAuth,clientAuth"
)
])
cert.set_pubkey(cacert.get_pubkey())
cert.sign(privkey, "sha256")
return Cert(cert)