[openssl-users] keyusage digitalSignature in CA certs
rgm at htt-consult.com
Thu Aug 17 13:20:52 UTC 2017
Should digitalSignature be included in keyusage in CA certs?
Does not include it.
It seems to make a root or intermediate CA be able to have more purposes
than it should? e.g.
SSL client : Yes
SSL server : Yes
S/MIME signing : Yes
So which is the right for a CA's key usage?
More information about the openssl-users