If there is not any objection I will commit this patch to trunk later today.
On 01/24/2013 12:13 AM, Tsantilas Christos wrote: > There are cases where the generated certificates do not mimic enough > properties and secure connection with the client fails. For example, > Squid does not mimic Key Usage extensions. Clients using GnuTLS (or > similar libraries that validate server certificate using those > extensions) fail to secure the connection with Squid. > > This patch add mimicking for the following extensions, which are > considered as safe to mimic: > * X509v3 Key Usage > * X509v3 Extended Key Usage, > * X509v3 Basic Constraints CA. > > We would be happy to add more "safe to mimic" extensions if users > request (and vouch for) them. > > This is a Measurement Factory project > > Regards, > Christos >
