When a cert is being refreshed we validate it with cert.Verify(), which by default assumes a cert is only valid if it can be used for server authentication.
These changes allow us to specify what our intended usages are and validate against that instead.
When a cert is being refreshed we validate it with cert.Verify(), which by default assumes a cert is only valid if it can be used for server authentication.
These changes allow us to specify what our intended usages are and validate against that instead.