Skip to content

Commit

Permalink
set subject CN for client certificates
Browse files Browse the repository at this point in the history 
Many TLS servers and configurations perform client authentication
using the subject CN in the client certificate. This change
adds a subject CN to client certificates.

Fixes FiloSottile#257.
  • Loading branch information
@antong
antong committed Apr 17, 2020
1 parent a2b1208 commit 3cd31f2
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions cert.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,7 @@ func (m *mkcert) makeCert(hosts []string) {

if m.client {
tpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth}
tpl.Subject.CommonName = hosts[0]
} else if len(tpl.IPAddresses) > 0 || len(tpl.DNSNames) > 0 {
tpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
}
Expand Down

0 comments on commit 3cd31f2

Please sign in to comment.