Re: modifying Certificate purposes

Tue, 22 Feb 2005 19:32:12 -0800

ray v wrote: 
Ok I figured it out, doh!

Here's part of my openssl command 

openssl x509 -req -days $days -in $csrfile -extfile
extfile -extensions extend

I use -extfile and -extensions

Here's my extfile 

extensions = extend
[ extend ]
keyUsage = digitalSignature
extendedKeyUsage = clientAuth
nsCertType = client

The out come will be this

Certificate purposes:
SSL client : Yes
SSL client CA : No
SSL server : No
SSL server CA : No
Netscape SSL server : No
Netscape SSL server CA : No
S/MIME signing : No
S/MIME signing CA : No
S/MIME encryption : No
S/MIME encryption CA : No
CRL signing : No
CRL signing CA : No
Any Purpose : Yes
Any Purpose CA : Yes
OCSP helper : Yes
OCSP helper CA : No



I didnt see this post, thanks, i am going to check into this method myself.

Thanks
Michael

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to