utils/px5g-wolfssl: make selfsigned certicates compatible with chromium
authorSergey V. Lobanov <sergey@lobanov.in>
Fri, 24 Dec 2021 23:05:35 +0000 (02:05 +0300)
committerChristian Lamparter <chunkeey@gmail.com>
Wed, 29 Dec 2021 21:55:16 +0000 (22:55 +0100)
commit6bfc8bb4a37903bd1d3bb7e7824d89f3a2cca6a1
tree9b0e2b3623854117e02e995108bcfad8fe40c9a8
parentdfd695f4b9f364a7c7db646d2cada10fdf304f02
utils/px5g-wolfssl: make selfsigned certicates compatible with chromium

Chromium based web-browsers (version >58) checks x509v3 extended attributes.
If this check fails then chromium does not allow to click "Proceed to ...
(unsafe)" link. This patch add three x509v3 extended attributes to self-signed
certificate:
1. SAN (Subject Alternative Name) (DNS Name) = CN (common name)
2. Key Usage = Digital Signature, Non Repudiation, Key Encipherment
3. Extended Key Usage = TLS Web Server Authentication

SAN will be added only if CONFIG_WOLFSSL_ALT_NAMES=y

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
package/utils/px5g-wolfssl/Makefile
package/utils/px5g-wolfssl/px5g-wolfssl.c