lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-20 03:16:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add option to create combined client and server certificate, closes #2800 (#3130)

Browse Source
This commit is contained in:
Michael Steenbeek 2019-01-14 10:16:09 +01:00 committed by Franco Fichtner
parent 23f440ceee
commit ea8dce33ba
2 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/etc/ssl/opnsense.cnf
View File

@ -369,3 +369,15 @@ extendedKeyUsage=serverAuth,1.3.6.1.5.5.8.2.2
keyUsage = digitalSignature, keyEncipherment
###OPNsense:subjectAltName###
[ combined_server_client ]
basicConstraints=CA:FALSE
nsComment = "OPNsense Generated Combined Client/Server Certificate"
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer:always
extendedKeyUsage = clientAuth,serverAuth,1.3.6.1.5.5.8.2.2
# This is typical in keyUsage for a client certificate.
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
###OPNsense:subjectAltName###

1
src/www/system_certmanager.php
View File

@ -864,6 +864,7 @@ $( document ).ready(function() {
<select name="cert_type">
<option value="usr_cert" <?=$pconfig['cert_type'] == 'usr_cert' ? 'selected="selected"' : '';?>> <?=gettext("Client Certificate");?> </option>
<option value="server_cert" <?=$pconfig['cert_type'] == 'server_cert' ? 'selected="selected"' : '';?>> <?=gettext("Server Certificate");?> </option>
<option value="combined_server_client" <?=$pconfig['cert_type'] == 'combined_server_client' ? 'selected="selected"' : '';?>> <?=gettext("Combined Client/Server Certificate");?> </option>
<option value="v3_ca" <?=$pconfig['cert_type'] == 'v3_ca' ? 'selected="selected"' : '';?>> <?=gettext("Certificate Authority");?> </option>
</select>
<div class="hidden" data-for="help_for_digest_cert_type">