Tweak CA and cert setup to be nice to Windows.

For some reason Satan's Operating System doesn't join up the certification path if the key identifiers are set to hash. This took a few hours of trial and error to figure out.
author: Aldo Cortesi <aldo@nullcube.com> 2011-03-18 14:48:43 +1300
committer: Aldo Cortesi <aldo@nullcube.com> 2011-03-18 14:48:43 +1300
commit: 3fbf343985cd1a957514ebcc54fee067c18b99ea (patch)
tree: d7086ad33d79fd965827b19f1b6ba28854996026 /libmproxy/resources/cert.cnf
parent: 907536503c399af888af2eed8bc6dca76b39ab1d (diff)
download: mitmproxy-3fbf343985cd1a957514ebcc54fee067c18b99ea.tar.gz
mitmproxy-3fbf343985cd1a957514ebcc54fee067c18b99ea.tar.bz2
mitmproxy-3fbf343985cd1a957514ebcc54fee067c18b99ea.zip
1 files changed, 0 insertions, 4 deletions
diff --git a/libmproxy/resources/cert.cnf b/libmproxy/resources/cert.cnf
index 9afae09f..5f80c2d6 100644
--- a/libmproxy/resources/cert.cnf
+++ b/libmproxy/resources/cert.cnf
@@ -9,8 +9,6 @@ organizationName               = mitmproxy
 commonName                     = %(commonname)s
 
 [ v3_ca ]
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always,issuer
 basicConstraints = critical,CA:true
 keyUsage = cRLSign, keyCertSign
 nsCertType = sslCA
@@ -24,8 +22,6 @@ nsCertType = sslCA
 basicConstraints = CA:false
 keyUsage = nonRepudiation, digitalSignature, keyEncipherment
 nsCertType = server
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always,issuer
 
 [ v3_cert_req ]
 basicConstraints = CA:false
author	Aldo Cortesi <aldo@nullcube.com>	2011-03-18 14:48:43 +1300
committer	Aldo Cortesi <aldo@nullcube.com>	2011-03-18 14:48:43 +1300
commit	3fbf343985cd1a957514ebcc54fee067c18b99ea (patch)
tree	d7086ad33d79fd965827b19f1b6ba28854996026 /libmproxy/resources/cert.cnf
parent	907536503c399af888af2eed8bc6dca76b39ab1d (diff)
download	mitmproxy-3fbf343985cd1a957514ebcc54fee067c18b99ea.tar.gz mitmproxy-3fbf343985cd1a957514ebcc54fee067c18b99ea.tar.bz2 mitmproxy-3fbf343985cd1a957514ebcc54fee067c18b99ea.zip