Added KeyUsage DigitalSignature to CA certs. (#197)

micromdm · Dec 1, 2023 · aa863fe · aa863fe
1 parent 988fe4e
commit aa863fe
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 3 deletions.
diff --git a/Makefile b/Makefile
@@ -20,6 +20,8 @@ SCEPSERVER=\
 
 my: scepclient-$(OSARCH) scepserver-$(OSARCH)
 
+win: scepclient-$(OSARCH).exe scepserver-$(OSARCH).exe
+
 docker: scepclient-linux-amd64 scepserver-linux-amd64
 
 $(SCEPCLIENT):
@@ -48,4 +50,4 @@ test:
 test-race:
 	go test -cover -race ./...
 
-.PHONY: my docker $(SCEPCLIENT) $(SCEPSERVER) release clean test test-race
+.PHONY: my mywin docker $(SCEPCLIENT) $(SCEPSERVER) release clean test test-race
diff --git a/README.md b/README.md
@@ -14,7 +14,7 @@ Binary releases are available on the [releases page](https://github.com/micromdm
 To compile the SCEP client and server you will need [a Go compiler](https://golang.org/dl/) as well as standard tools like git, make, etc.
 
 1. Clone the repository and get into the source directory: `git clone https://github.com/micromdm/scep.git && cd scep`
-2. Compile the client and server binaries: `make`
+2. Compile the client and server binaries: `make` (for Windows: `make win`)
 
 The binaries will be compiled in the current directory and named after the architecture. I.e. `scepclient-linux-amd64` and `scepserver-linux-amd64`.
 

diff --git a/depot/cacert.go b/depot/cacert.go
@@ -27,7 +27,9 @@ func NewCACert(opts ...CACertOption) *CACert {
 		organization:       "scep-ca",
 		organizationalUnit: "SCEP CA",
 		years:              10,
-		keyUsage:           x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
+		keyUsage: x509.KeyUsageCertSign |
+			x509.KeyUsageCRLSign |
+			x509.KeyUsageDigitalSignature,
 	}
 	for _, opt := range opts {
 		opt(c)