none
Certificate key usage in standalone CA

    Question

  • I have a problem with a standalone sub CA.

    Certificate must be able to sign Outlook mails, encrypt them and sign Word documents, so in certqtp.inc I've changed rgAvailReqTypes parametr for my certificate:

    rgAvailReqTypes(0,FIELD_OID)="1.3.6.1.4.1.311.10.3.12, 1.3.6.1.5.5.7.3.4, 1.3.6.1.5.5.7.3.2, 1.3.6.1.4.1.311.10.3.4"

    After that key usage field of enrolled certificates have changed to "data ecnryption (20)", but I don't know why. So with this key usage I can sign documents, can ecnrypt mails, but can't sign them (key usage must contain digital signature).

    How to change key usage field in standalone CA ??


    • Edited by C1one_38 Thursday, February 27, 2014 10:31 AM
    Thursday, February 27, 2014 10:29 AM

Answers