Fix RA test.

2015-06-05 08:24:56 -07:00 · 2015-06-05 08:24:56 -07:00 · 1e036549cb
parent 625eab5ad3
commit 1e036549cb
3 changed files with 5 additions and 3 deletions
--- a/core/objects.go
+++ b/core/objects.go
@ -419,7 +419,7 @@ func (cert Certificate) MatchesCSR(csr *x509.CertificateRequest, earliestExpiry
 		err = InternalServerError("Generated certificate can sign other certificates")
 		return
 	}
-	if !cmpExtKeyUsageSlice(parsedCertificate.ExtKeyUsage, []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}) {
+	if !cmpExtKeyUsageSlice(parsedCertificate.ExtKeyUsage, []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}) {
 		err = InternalServerError("Generated certificate doesn't have correct key usage extensions")
 		return
 	}
--- a/test/boulder-config.json
+++ b/test/boulder-config.json
@ -53,7 +53,8 @@
            "usages": [
              "digital signature",
              "key encipherment",
-              "server auth"
+              "server auth",
+              "client auth"
            ],
            "backdate": "1h",
            "is_ca": false,
--- a/test/boulder-test-config.json
+++ b/test/boulder-test-config.json
@ -53,7 +53,8 @@
            "usages": [
              "digital signature",
              "key encipherment",
-              "server auth"
+              "server auth",
+              "client auth"
            ],
            "backdate": "1h",
            "is_ca": false,