No option to create code-signing intermediate or certificates

kaysond / spki

A bash script wrapper for OpenSSL that generates and manages a simple PKI suitable for small deployments

GNU General Public License v3.0

45 stars 8 forks source link

Open michaelkrieger opened 5 years ago

michaelkrieger commented 5 years ago

Per OpenSSL PKI Tutorial and its sample configuration file, a code-signing certificate is also an option that would complete spki.

All that should be required is making an intermediate with some variation of: extendedKeyUsage = serverAuth, clientAuth, codeSigning

kaysond commented 5 years ago

Good suggestion thanks. If you can submit a PR that'd be great. I can probably get to it by the end of the month otherwise.