On Thu, Sep 30, 2021 at 01:21:19PM +1000, raf wrote:

> You said that the following extensions are needed:
> 
>   basicConstraints = CA:true
>   keyUsage = digitalSignature, keyCertSign, cRLSign
>   extendedKeyUsage = serverAuth, clientAuth
> 
> Is it the case that serverAuth is only required for CA
> certificates used with smtp_tls_CAfile (or
> lmtp_tls_CAfile), and that clientAuth is only required
> for CA certificates used with smtpd_tls_CAfile?

No, because you don't get to choose which CA signed your certificates.

Rather a CA with only "serverAuth" (OpenSSL-specific alias for the EKU
OID in question) can only be used to issue TLS server certificates, and
a CA with only "clientAuth" can only be used to issue TLS client
certificates.  A CA with EKU not specified or one that lists both can
be used for either.

The relying party just uses the CA certificates as they are, though in
the case of root CA certificates, many implementations don't check the
self-signature, and then one can mutate the CA cert, although more
properly trust settings to root CAs are applied in the trust store
externally to the certificate.

-- 
    Viktor.
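
The per-certificate EKU rule described above (a CA with only serverAuth may issue only server certificates, one with only clientAuth only client certificates, and a CA with no EKU or both may issue either), as an added illustration that is not part of the thread and not OpenSSL's own code; the parser, the `ca_can_issue`/`chain_ok` helpers and the sample extension profiles are constructed here:

```python
"""Model the EKU rule from the reply: every CA in the chain is checked on its
own against the purpose the relying party asks for (serverAuth or clientAuth)."""

PURPOSES = {"serverAuth", "clientAuth"}  # OpenSSL short names, as in the quoted config


def parse_extensions(text):
    """Parse openssl.cnf-style 'name = v1, v2' lines (the form quoted in the
    question) into {name: set(values)}. Constructed helper, not OpenSSL's parser."""
    exts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        name, _, values = line.partition("=")
        exts[name.strip()] = {v.strip() for v in values.split(",") if v.strip()}
    return exts


def ca_can_issue(exts, purpose):
    """Can a CA with these extensions sign a leaf used for `purpose`?
    Needs CA:true and keyCertSign; an absent EKU, or one listing `purpose`, passes."""
    if purpose not in PURPOSES:
        raise ValueError(purpose)
    if "CA:true" not in exts.get("basicConstraints", set()):
        return False
    if "keyCertSign" not in exts.get("keyUsage", set()):
        return False
    eku = exts.get("extendedKeyUsage")
    return eku is None or purpose in eku


def chain_ok(cas, leaf, purpose):
    """True when each CA (root first, issuing CA last) may issue for `purpose`
    and the leaf's EKU, if present, lists it. Nothing is inherited: a CA
    limited to serverAuth blocks a clientAuth leaf even under a permissive root."""
    leaf_eku = leaf.get("extendedKeyUsage")
    if leaf_eku is not None and purpose not in leaf_eku:
        return False
    return all(ca_can_issue(ca, purpose) for ca in cas)


# Constructed profiles mirroring the extensions quoted in the question.
BOTH_CA = parse_extensions("basicConstraints = CA:true\n"
                           "keyUsage = digitalSignature, keyCertSign, cRLSign\n"
                           "extendedKeyUsage = serverAuth, clientAuth")
SERVER_ONLY_CA = parse_extensions("basicConstraints = CA:true\n"
                                  "keyUsage = keyCertSign, cRLSign\n"
                                  "extendedKeyUsage = serverAuth")
NO_EKU_CA = parse_extensions("basicConstraints = CA:true\nkeyUsage = keyCertSign, cRLSign")
SERVER_LEAF = parse_extensions("basicConstraints = CA:false\nextendedKeyUsage = serverAuth")
CLIENT_LEAF = parse_extensions("basicConstraints = CA:false\nextendedKeyUsage = clientAuth")
```

For a Postfix deployment this is the check behind the answer: the CA in smtpd_tls_CAfile must pass for clientAuth and the one in smtp_tls_CAfile for serverAuth, and the same CA can serve both only if its EKU is absent or lists both.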
