From 9a1c4b71c0bf9ab0685195a41f6a4d034ae39900 Mon Sep 17 00:00:00 2001
From: "Alex.Tang" <altitude@funkware.com>
Date: Mon, 4 Aug 2014 14:43:03 -0700
Subject: [PATCH] remove 'critical' flag on SSL server cert as it breaks
 Firefox >= 31.0 (info here:
 https://blog.mozilla.org/security/2014/04/24/exciting-updates-to-certificate-verification-in-gecko/)

---
 include/openssl_functions.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/openssl_functions.php b/include/openssl_functions.php
index f8000ad..bb9fdd4 100644
--- a/include/openssl_functions.php
+++ b/include/openssl_functions.php
@@ -174,7 +174,7 @@ nsCaPolicyUrl          = $config[base_url]$config[policy_url]
 [ server_ext ]
 basicConstraints        = critical, CA:false
 keyUsage                = critical, digitalSignature, keyEncipherment
-nsCertType              = critical, server
+nsCertType              = server
 extendedKeyUsage        = critical, serverAuth
 subjectKeyIdentifier    = hash
 authorityKeyIdentifier  = keyid:always, issuer:always