Commit e8f12c4b authored by godog's avatar godog

set version 3 when adding extensions

gnutls fails to consider the certificate valid:

|<2>| error: extensions present in certificate with version 1

found via:

gnutls-cli --debug 99 --x509cafile /etc/ssl/certs/ca-certificates.crt github.com
parent 61dc78dc
......@@ -44,6 +44,7 @@ def sign_certificate(req, ca_key, ca_crt, serial_num, days,
cert.set_subject(req.get_subject())
cert.set_pubkey(req.get_pubkey())
if extensions:
cert.set_version(3)
cert.add_extensions(extensions)
cert.sign(ca_key, digest)
return cert
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment