CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

SSL Module - Allow the CA to sign client certs

Browse Source
This commit is contained in:
Mike Reeves
2018-07-16 12:44:28 -04:00
parent 853b6768c4
commit 5137866826
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
salt/ca/init.sls
View File

@@ -25,7 +25,8 @@ pki_private_key:
- ST: Utah - ST: Utah
- L: Salt Lake City - L: Salt Lake City
- basicConstraints: "critical CA:true" - basicConstraints: "critical CA:true"
- keyUsage: "critical cRLSign, keyCertSign, serverAuth, clientAuth" - keyUsage: "critical cRLSign, keyCertSign"
- extendedkeyUsage: "serverAuth, clientAuth"
- subjectKeyIdentifier: hash - subjectKeyIdentifier: hash
- authorityKeyIdentifier: keyid,issuer:always - authorityKeyIdentifier: keyid,issuer:always
- days_valid: 3650 - days_valid: 3650