hxtool: add cert type: https-negotiate-server
This commit is contained in:
Nicolas Williams
@@ -1674,6 +1674,16 @@ https_server(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt
|
|||||||
return hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkix_kp_serverAuth);
|
return hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkix_kp_serverAuth);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
https_negotiate_server(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt)
|
||||||
|
{
|
||||||
|
int ret = hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkekuoid);
|
||||||
|
if (ret == 0)
|
||||||
|
ret = hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkix_kp_serverAuth);
|
||||||
|
opt->pkinit++;
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
https_client(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt)
|
https_client(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt)
|
||||||
{
|
{
|
||||||
@@ -1747,6 +1757,11 @@ struct {
|
|||||||
"Certificates used for Kerberos PK-INIT KDC certificates",
|
"Certificates used for Kerberos PK-INIT KDC certificates",
|
||||||
pkinit_kdc
|
pkinit_kdc
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"https-negotiate-server",
|
||||||
|
"Used for HTTPS server and many other TLS server certificate types",
|
||||||
|
https_negotiate_server
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"peap-server",
|
"peap-server",
|
||||||
"Certificate used for Radius PEAP (Protected EAP)",
|
"Certificate used for Radius PEAP (Protected EAP)",
|
||||||
|
|||||||
Reference in New Issue
Block a user