Commit graph

2 commits

Author SHA1 Message Date
Dave Collins
759451c046 Correct and improve cert generation.
This commit changes three things with cert generation.

- The extended key usage field has been removed since specifying the
  extended key usage field prevents the cert from working with firefox
  even when it specifies it can be used as a server
- Creates a random serial number since browsers like firefox and chrome
  won't accept two certificates with the same issuer and serial number
- Adds the digital signature key usage capability since some validators
  like node.js expect that instead of key encipherment
2014-01-29 03:48:46 -06:00
Josh Rickmar
b651766231 Add NewTLSCertPair to generate a certificate pair.
btcd, btcwallet, and an upcomming standalone tool to generate the TLS
certificates all need a way to generate TLS certificate pairs.  This
function, adapted from the cert gen code in btcd, abstracts this logic
so all programs can reuse the code.

Unlike the older btcd certificate generation code, this new function
allows specifying additional hostnames and IPs to add to the list of
addresses for which the cert is valid.
2014-01-10 15:35:55 -05:00