deprecated/phpki-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

remove 'critical' flag on SSL server cert as it breaks Firefox >= 31.0 (info here: https://blog.mozilla.org/security/2014/04/24/exciting-updates-to-certificate-verification-in-gecko/)

Browse Source
This commit is contained in:
Alex.Tang
2014-08-04 14:43:03 -07:00
parent 53d95acb73
commit 9a1c4b71c0
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/openssl_functions.php
View File

@@ -174,7 +174,7 @@ nsCaPolicyUrl = $config[base_url]$config[policy_url]
[ server_ext ]
basicConstraints = critical, CA:false
keyUsage = critical, digitalSignature, keyEncipherment
nsCertType = critical, server
nsCertType = server
extendedKeyUsage = critical, serverAuth
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always, issuer:always