FAQ
One frustration I have with the current x509 package is that I can't create
certificates for use in client authentication that are accepted by the
server in the tls package. I have to drop over to openssl or some other
tool/language to create my certs.

Is there some reason CreateCertificate does not consider the ExtKeyUsage
field from the template?

I'd love to see this added. I have a patchset ready for contribution
assuming this does not conflict with some design decision I'm unaware of.

--

Search Discussions

  • Agl at Sep 19, 2012 at 10:16 pm

    On Wednesday, September 19, 2012 12:36:00 PM UTC-4, andrewh wrote:

    One frustration I have with the current x509 package is that I can't
    create certificates for use in client authentication that are accepted by
    the server in the tls package. I have to drop over to openssl or some
    other tool/language to create my certs.

    Is there some reason CreateCertificate does not consider the ExtKeyUsage
    field from the template?

    I'd love to see this added. I have a patchset ready for contribution
    assuming this does not conflict with some design decision I'm unaware of.
    This is simply an omission. Extended key usage was added later and
    CreateCertificate wasn't updated.

    Patches welcome, or else please file a bug and let me know the bug number.


    Cheers

    AGL

    --
  • Andrewh at Sep 19, 2012 at 11:08 pm
    Thanks AGL,

    I've submitted a patch here:

    http://codereview.appspot.com/6535057/

    Thanks,
    Andrew
    On Wednesday, September 19, 2012 4:16:51 PM UTC-6, agl wrote:
    On Wednesday, September 19, 2012 12:36:00 PM UTC-4, andrewh wrote:

    One frustration I have with the current x509 package is that I can't
    create certificates for use in client authentication that are accepted by
    the server in the tls package. I have to drop over to openssl or some
    other tool/language to create my certs.

    Is there some reason CreateCertificate does not consider the ExtKeyUsage
    field from the template?

    I'd love to see this added. I have a patchset ready for contribution
    assuming this does not conflict with some design decision I'm unaware of.
    This is simply an omission. Extended key usage was added later and
    CreateCertificate wasn't updated.

    Patches welcome, or else please file a bug and let me know the bug number.


    Cheers

    AGL
    --

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupgolang-nuts @
categoriesgo
postedSep 19, '12 at 5:53p
activeSep 19, '12 at 11:08p
posts3
users2
websitegolang.org

2 users in discussion

Andrewh: 2 posts Agl: 1 post

People

Translate

site design / logo © 2022 Grokbase