Chetan Gaonker | 7f4bf74 | 2016-05-04 15:56:08 -0700 | [diff] [blame] | 1 | # |
| 2 | # File containing the OIDs required for Windows. |
| 3 | # |
| 4 | # http://support.microsoft.com/kb/814394/en-us |
| 5 | # |
| 6 | [ xpclient_ext] |
| 7 | extendedKeyUsage = 1.3.6.1.5.5.7.3.2 |
| 8 | crlDistributionPoints = URI:http://www.example.com/example_ca.crl |
| 9 | |
| 10 | [ xpserver_ext] |
| 11 | extendedKeyUsage = 1.3.6.1.5.5.7.3.1 |
| 12 | crlDistributionPoints = URI:http://www.example.com/example_ca.crl |
| 13 | |
| 14 | # |
| 15 | # Add this to the PKCS#7 keybag attributes holding the client's private key |
| 16 | # for machine authentication. |
| 17 | # |
| 18 | # the presence of this OID tells Windows XP that the cert is intended |
| 19 | # for use by the computer itself, and not by an end-user. |
| 20 | # |
| 21 | # The other solution is to use Microsoft's web certificate server |
| 22 | # to generate these certs. |
| 23 | # |
| 24 | # 1.3.6.1.4.1.311.17.2 |