Merge pull request #3659 from vin01/master

Add EKU extension for dummy certificates
author: Maximilian Hils <git@maximilianhils.com> 2019-10-04 16:24:19 +0200
committer: GitHub <noreply@github.com> 2019-10-04 16:24:19 +0200
commit: fed3d3eb3793412c97cbed1f364cebb64383d12e (patch)
tree: 49425ce56ab0d7f0964721c456332222eca20b33
parent: 93f9e30728300cc5379fd90171818f642d8f24aa (diff)
parent: ed65476b2140435d857bd6acfffb5177ee71ad74 (diff)
download: mitmproxy-fed3d3eb3793412c97cbed1f364cebb64383d12e.tar.gz
mitmproxy-fed3d3eb3793412c97cbed1f364cebb64383d12e.tar.bz2
mitmproxy-fed3d3eb3793412c97cbed1f364cebb64383d12e.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/mitmproxy/certs.py b/mitmproxy/certs.py
index 0ec63b50..65dc50e4 100644
--- a/mitmproxy/certs.py
+++ b/mitmproxy/certs.py
@@ -115,6 +115,13 @@ def dummy_cert(privkey, cacert, commonname, sans, organization):
         cert.set_version(2)
         cert.add_extensions(
             [OpenSSL.crypto.X509Extension(b"subjectAltName", False, ss)])
+    cert.add_extensions([
+        OpenSSL.crypto.X509Extension(
+            b"extendedKeyUsage",
+            False,
+            b"serverAuth,clientAuth"
+        )
+    ])
     cert.set_pubkey(cacert.get_pubkey())
     cert.sign(privkey, "sha256")
     return Cert(cert)
author	Maximilian Hils <git@maximilianhils.com>	2019-10-04 16:24:19 +0200
committer	GitHub <noreply@github.com>	2019-10-04 16:24:19 +0200
commit	fed3d3eb3793412c97cbed1f364cebb64383d12e (patch)
tree	49425ce56ab0d7f0964721c456332222eca20b33
parent	93f9e30728300cc5379fd90171818f642d8f24aa (diff)
parent	ed65476b2140435d857bd6acfffb5177ee71ad74 (diff)
download	mitmproxy-fed3d3eb3793412c97cbed1f364cebb64383d12e.tar.gz mitmproxy-fed3d3eb3793412c97cbed1f364cebb64383d12e.tar.bz2 mitmproxy-fed3d3eb3793412c97cbed1f364cebb64383d12e.zip