When creating client certificates with following extensions:
basicContraints CA:FALSE nsComment "OpenSSL Generated Certificate" subjectKeyIdentifier hash authoritiyKeyIdentifier keyid,issuer:always keyUsage nonrepudiation,digitalsignature,keyEncipherment
Microsoft certificate viewer list the following certiticate usage information: Is this correct for the extensions listed above?
Ensures the identity of a remote computer Proves your identity to a remote computer Ensures software came from software publisher Protects software from alteration after publication Protects e-mail messages Allows data to be signed with the current time Allows you to digitally sign a certificate trust list Allows secure communication on the Internet Allows data on disk to be encrypted Windows Hardware Driver Verification Windows System Component Verification OEM Windows System Component Verification Embedded Windows System Component Verification Key Pack Licenses License Server Verification Smart Card Logon Digital Rights Qualified Subordination Key Recovery Document Signing File Recovery Root List Signer All application policies Directory Service Email Replication Certificate Request Agent Key Recovery Agent Private Key Archival Lifetime Signing File Recovery
How do I create a client certificate which has only the folowing two usage values?
Proves your identity to a remote computer Protects e-mail messages
Thank You!
Marcus Carey
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
