kylefang/mitmproxy
1
0
Fork 0
mirror of https://github.com/zhigang1992/mitmproxy.git synced 2026-05-30 09:20:24 +08:00
Code Issues Packages Projects Releases Wiki Activity

Tweak CA and cert setup to be nice to Windows.

Browse Source 
For some reason Satan's Operating System doesn't join up the certification path
if the key identifiers are set to hash. This took a few hours of trial and
error to figure out.
This commit is contained in:
Aldo Cortesi
2011-03-18 14:48:43 +13:00
parent 907536503c
commit 3fbf343985
2 changed files with 0 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
libmproxy/resources/ca.cnf
View File

@@ -9,8 +9,6 @@ organizationName = mitmproxy
commonName = mitmproxy
[ v3_ca ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer
basicConstraints = critical,CA:true
keyUsage = cRLSign, keyCertSign
extendedKeyUsage=serverAuth,clientAuth,emailProtection,timeStamping,msCodeInd,msCodeCom,msCTLSign,msSGC,msEFS,nsSGC
@@ -27,8 +25,6 @@ basicConstraints = CA:false
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage=serverAuth,clientAuth,emailProtection,timeStamping,msCodeInd,msCodeCom,msCTLSign,msSGC,msEFS,nsSGC
nsCertType = server
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer
[ v3_cert_req ]
basicConstraints = CA:false

4
libmproxy/resources/cert.cnf
View File

@@ -9,8 +9,6 @@ organizationName = mitmproxy
commonName = %(commonname)s
[ v3_ca ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer
basicConstraints = critical,CA:true
keyUsage = cRLSign, keyCertSign
nsCertType = sslCA
@@ -24,8 +22,6 @@ nsCertType = sslCA
basicConstraints = CA:false
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
nsCertType = server
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer
[ v3_cert_req ]
basicConstraints = CA:false