From ab4cf1597ebde2f162acc77a48f3d677794ea5e8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Sat, 29 Apr 2006 15:05:11 +0000
Subject: [PATCH] Add EKU for the KDC certificate

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17350 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/hx509/data/openssl.cnf | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lib/hx509/data/openssl.cnf b/lib/hx509/data/openssl.cnf
index 4c75ef3a8..5ddda6629 100644
--- a/lib/hx509/data/openssl.cnf
+++ b/lib/hx509/data/openssl.cnf
@@ -1,3 +1,8 @@
+oid_section             = new_oids
+
+[ new_oids ]
+pkkdcekuoid = 1.3.6.1.5.2.3.5
+
 [ca]
 
 default_ca = user
@@ -108,6 +113,7 @@ princ1 = GeneralString:bar
 [ pkinit_kdc_cert ]
 basicConstraints=CA:FALSE
 keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+extendedKeyUsage = pkkdcekuoid
 subjectKeyIdentifier	= hash
 subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:pkinitkdc_princ_name