~mdw
/
ca
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
etc/openssl.conf: Allow `keyEncipherment' for TLS clients.
[ca]
/
etc
/
openssl.conf
diff --git
a/etc/openssl.conf
b/etc/openssl.conf
index
4fa74a5
..
847b1f5
100644
(file)
--- a/
etc/openssl.conf
+++ b/
etc/openssl.conf
@@
-103,7
+103,7
@@
crlDistributionPoints = URI:http://www.distorted.org.uk/ca/crl
[tls-client-extensions]
basicConstraints = critical, CA:FALSE
[tls-client-extensions]
basicConstraints = critical, CA:FALSE
-keyUsage = critical, digitalSignature
+keyUsage = critical, digitalSignature
, keyEncipherment
extendedKeyUsage = clientAuth
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
extendedKeyUsage = clientAuth
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always