summaryrefslogtreecommitdiff
path: root/CommModule/server.pl
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2012-08-21 23:43:10 +0200
committerMichael Tänzer <neo@nhng.de>2012-08-21 23:43:10 +0200
commita980e8aa7a6c3612fb884a051cc8125b3e4811d3 (patch)
tree09106406f297ad9e04ce0d4c66f0c2e3bcb25432 /CommModule/server.pl
parentfbd8753eaefa54c9ddfff57647f6bb5405281177 (diff)
downloadcacert-devel-a980e8aa7a6c3612fb884a051cc8125b3e4811d3.tar.gz
cacert-devel-a980e8aa7a6c3612fb884a051cc8125b3e4811d3.tar.xz
cacert-devel-a980e8aa7a6c3612fb884a051cc8125b3e4811d3.zip
Source code taken from cacert-20120810.tar.bz2
Diffstat (limited to 'CommModule/server.pl')
-rwxr-xr-xCommModule/server.pl21
1 files changed, 20 insertions, 1 deletions
diff --git a/CommModule/server.pl b/CommModule/server.pl
index eb5113a..c70bc9a 100755
--- a/CommModule/server.pl
+++ b/CommModule/server.pl
@@ -502,9 +502,28 @@ sub SignX509($$$$$$$$)
{
open OUT,">$wid/extfile";
print OUT "basicConstraints = critical, CA:FALSE\n";
+ print OUT "keyUsage = critical, digitalSignature, keyEncipherment, keyAgreement\n";
print OUT "extendedKeyUsage = clientAuth, serverAuth, nsSGC, msSGC\n";
- print OUT "keyUsage = digitalSignature, keyEncipherment\n";
print OUT "authorityInfoAccess = OCSP;URI:$OCSPUrl\n";
+
+ my $CRLUrl="";
+ if($root==0)
+ {
+ $CRLUrl="http://crl.cacert.org/revoke.crl";
+ }
+ elsif($root==1)
+ {
+ $CRLUrl="http://crl.cacert.org/class3-revoke.crl";
+ }
+ elsif($root==2)
+ {
+ $CRLUrl="http://crl.cacert.org/class3s-revoke.crl";
+ }
+ else
+ {
+ $CRLUrl="http://crl.cacert.org/root${root}.crl";
+ }
+ print OUT "crlDistributionPoints = URI:${CRLUrl}\n";
print OUT "subjectAltName = $san\n" if(length($san));
close OUT;
$extfile=" -extfile $wid/extfile ";