From 54565832949c64d715d9e09cc8d4b52a755a5e9d Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Tue, 7 Nov 2006 14:27:55 +0000 Subject: [PATCH] Don't add the TS EKU by default in openssl.cnf because it then makes certificates genereated by ca, CA.pl etc useless for anything else. --- apps/openssl.cnf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/openssl.cnf b/apps/openssl.cnf index 2995800d96..7bcaa53ede 100644 --- a/apps/openssl.cnf +++ b/apps/openssl.cnf @@ -212,7 +212,7 @@ authorityKeyIdentifier=keyid,issuer #nsSslServerName # This is required for TSA certificates. -extendedKeyUsage = critical,timeStamping +# extendedKeyUsage = critical,timeStamping [ v3_req ] -- GitLab