Michael Leone on 25 Oct 2013 08:28:55 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Fwd: Openssl config question

On Fri, Oct 25, 2013 at 11:04 AM, Michael Leone <turgon@mike-leone.com> wrote:
> I have no "Extended Key Usage"  section showing in my cert. And the MS
> page says I need that (well, I am inferring that I need it, anyway).
> So I am guessing I need to put this in my config, to be sure and add
> this property to the cert:
> extendedKeyUsage=serverAuth
> Just not sure where in my openssl config I need to put this

I think I know where. I see this in my config:

x509_extensions = usr_cert              # The extentions to add to the cert

So I guess I need it under the "[usr_cert]" section.

Now to find out how to remove the current cert, which doesn't have the
properties I need, make a new request, sign it with these extensions,
and re-import it back in Windows. And then see if the RDS is happy
with it ...
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug