سؤال

How could I set the keyUsage of new a certificate signed by my CA that will have the same policies?

I tried to generate a certificate by running the command below:

openssl ca \
  -policy policy_anything \
  -cert ca.cer \
  -in cerreq.csr \
  -keyfile ca.key \
  -days 365 \
  -out cer.cer

Is there command parameter that should I include to set the keyUsage for the certificate?

هل كانت مفيدة؟

المحلول

You have to add -extenstions v3_ca This extenstion will add basicConstraints = CA:true, which means that you will be able to sign certificates with this certificate.

مرخصة بموجب: CC-BY-SA مع الإسناد
لا تنتمي إلى StackOverflow
scroll top