pierre/SolarEnergy
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Leaf certificates are explicitly marked as non CA

Browse Source
This commit is contained in:
Pierre HUBERT 2024-06-28 22:04:36 +02:00
parent 11054385a6
commit b4647d70a0
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
central_backend/src/crypto/pki.rs
View File

@ -161,9 +161,11 @@ fn gen_certificate(req: GenCertificateReq) -> anyhow::Result<(Vec<u8>, Vec<u8>)>
} }
// If cert is a CA or not // If cert is a CA or not
let mut basic = BasicConstraints::new();
if req.ca { if req.ca {
cert_builder.append_extension(BasicConstraints::new().critical().ca().build()?)?; basic.ca();
} }
cert_builder.append_extension(basic.critical().build()?)?;
// Key usage // Key usage
let mut key_usage = KeyUsage::new(); let mut key_usage = KeyUsage::new();