upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-02-11 14:54:27 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

- Fix for attaching the X509v3 extensions to the client certificate.

Browse source
This commit is contained in:
George Thessalonikefs 2020-10-19 15:00:30 +02:00
parent 59d15ac9cf
commit 50178d764a
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
smallapp/unbound-control-setup.sh.in
View file

@ -120,6 +120,7 @@ if [ ! -f "$SVR_BASE.key" ]; then
fi
cat >server.cnf <<EOF
[req]
default_bits=$BITS
default_md=$HASH
prompt=no
@ -189,6 +190,8 @@ if [ ! -f "$CTL_BASE.pem" -o $RECREATE -eq 1 ]; then
-CAkey "$SVR_BASE.key" \
-CAcreateserial \
-$HASH \
-extfile client.cnf \
-extensions v3_req \
-out "$CTL_BASE.pem"
[ ! -f "CTL_BASE.pem" ] || fatal "cannot create signed client certificate"