From ed65476b2140435d857bd6acfffb5177ee71ad74 Mon Sep 17 00:00:00 2001
From: vin01 <vinc.i@protonmail.ch>
Date: Thu, 3 Oct 2019 10:23:45 +0200
Subject: [PATCH] Add EKU extension for dummy certificates

---
 mitmproxy/certs.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/mitmproxy/certs.py b/mitmproxy/certs.py
index 0ec63b507..65dc50e4f 100644
--- a/mitmproxy/certs.py
+++ b/mitmproxy/certs.py
@@ -115,6 +115,13 @@ def dummy_cert(privkey, cacert, commonname, sans, organization):
         cert.set_version(2)
         cert.add_extensions(
             [OpenSSL.crypto.X509Extension(b"subjectAltName", False, ss)])
+    cert.add_extensions([
+        OpenSSL.crypto.X509Extension(
+            b"extendedKeyUsage",
+            False,
+            b"serverAuth,clientAuth"
+        )
+    ])
     cert.set_pubkey(cacert.get_pubkey())
     cert.sign(privkey, "sha256")
     return Cert(cert)