Hello,
I had to renew my FreeNas CA and my Zertifikates. The CA and the Certificates was created with Freenas 10 or 11.1. Before the usage of ExtendedKeyUsage.
I use my User-Certificates for User Authentication against Webserver for example.
But I detect that from 11.3 the following Changes with my Certificates:
Before 11.3
KeyUsage Any
ExtendedKeyUsage not Us
Since 11.3
KeyUsage Encrypt, check, derive
ExtendedKeyUsage: Serverauthentifizierung ( 1.3.6.1.5.5.7.3.1 ), 2.5.29.14 - Subject Key Identifier ( 2.5.29.14 ), (2.5.29.37) - Extended key usage
But the Chrome needs the "1.3.6.1.5.5.7.3.2 (TLS_WEB_CLIENT_AUTHENTICATION)" for Web Server Browser authentication.
Is it possible to add the 1.3.6.1.5.5.7.3.2 (TLS_WEB_CLIENT_AUTHENTICATION) to a certificate?
Thanks
best regards
Carsten
I had to renew my FreeNas CA and my Zertifikates. The CA and the Certificates was created with Freenas 10 or 11.1. Before the usage of ExtendedKeyUsage.
I use my User-Certificates for User Authentication against Webserver for example.
But I detect that from 11.3 the following Changes with my Certificates:
Before 11.3
KeyUsage Any
ExtendedKeyUsage not Us
Since 11.3
KeyUsage Encrypt, check, derive
ExtendedKeyUsage: Serverauthentifizierung ( 1.3.6.1.5.5.7.3.1 ), 2.5.29.14 - Subject Key Identifier ( 2.5.29.14 ), (2.5.29.37) - Extended key usage
But the Chrome needs the "1.3.6.1.5.5.7.3.2 (TLS_WEB_CLIENT_AUTHENTICATION)" for Web Server Browser authentication.
Is it possible to add the 1.3.6.1.5.5.7.3.2 (TLS_WEB_CLIENT_AUTHENTICATION) to a certificate?
Thanks
best regards
Carsten