fix the default end date and extended key usage for test certificates

2025-04-04 17:00:11 -05:00 · 2021-01-05 09:58:05 +01:00 · 2021-01-05 09:58:05 +01:00 · 1dc209baa8
commit 1dc209baa8
parent 2f011cfc31
1 changed files with 8 additions and 1 deletions
--- a/tests/certs/openssl_intermediate.cnf
+++ b/tests/certs/openssl_intermediate.cnf
@ -18,7 +18,8 @@ default_md                      = sha256
 preserve                        = no
 policy                          = policy_loose
 default_startdate               = 180101000000Z
-default_enddate                 = 210101000000Z
+default_enddate                 = 241231000000Z
+x509_extensions                 = v3_req

 [ req ]
 # Options for the `req` tool
@ -40,6 +41,12 @@ subjectKeyIdentifier            = hash
 authorityKeyIdentifier          = keyid, issuer
 extendedKeyUsage                = codeSigning

+[ v3_req ]
+basicConstraints                = CA:FALSE
+subjectKeyIdentifier            = hash
+authorityKeyIdentifier          = keyid, issuer
+extendedKeyUsage                = codeSigning
+
 [ policy_loose ]
 # Allow the intermediate CA to sign a more diverse range of certificates.
 # See the POLICY FORMAT section of the `ca` man page.