summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
9d7fd96)
For some reason libvirt doesn't accept client certificates without this,
even though TLS client authentication doesn't involve encipherting keys.
[tls-client-extensions]
basicConstraints = critical, CA:FALSE
[tls-client-extensions]
basicConstraints = critical, CA:FALSE
-keyUsage = critical, digitalSignature
+keyUsage = critical, digitalSignature, keyEncipherment
extendedKeyUsage = clientAuth
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
extendedKeyUsage = clientAuth
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always