Skip to content

Commit 48eb812

Browse files
tinyzimmertinyzimmer
committed
tls: allow certificates to be used for codesigning
1 parent abd61dd commit 48eb812

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

pkg/crypto/tlscerts.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -306,7 +306,7 @@ func GenerateCA(cfg CACertConfig) (privkey crypto.PrivateKey, cert *x509.Certifi
306306
NotBefore: time.Now().UTC(),
307307
NotAfter: time.Now().UTC().Add(cfg.ValidFor),
308308
IsCA: true,
309-
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
309+
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageCodeSigning},
310310
KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
311311
BasicConstraintsValid: true,
312312
}
@@ -382,7 +382,7 @@ func IssueCertificate(cfg IssueConfig) (privkey crypto.PrivateKey, cert *x509.Ce
382382
NotBefore: time.Now().UTC(),
383383
NotAfter: time.Now().UTC().Add(cfg.ValidFor),
384384
IsCA: false,
385-
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
385+
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageCodeSigning},
386386
KeyUsage: x509.KeyUsageDigitalSignature,
387387
BasicConstraintsValid: true,
388388
}

0 commit comments

Comments
 (0)