"client cert issued no longer exportable with private key (class3). IE10 certs usage broken"
This commit is contained in:
Wytze van der Raay
parent
1b49547d06
commit
35e318c03c
1 changed files with 3 additions and 1 deletions
|
|
@ -247,6 +247,7 @@ var CAcert_keygen_IE = function () {
|
|||
privateKey.Algorithm = algorithmOid;
|
||||
privateKey.Length = bits;
|
||||
privateKey.KeyUsage = 0xffffff; // XCN_NCRYPT_ALLOW_ALL_USAGES
|
||||
privateKey.ExportPolicy = 0x1; // XCN_NCRYPT_ALLOW_EXPORT_FLAG
|
||||
|
||||
var request = factory.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10");
|
||||
request.InitializeFromPrivateKey(
|
||||
|
|
@ -545,7 +546,8 @@ var CAcert_keygen_IE = function () {
|
|||
}
|
||||
|
||||
cenroll.GenKeyFlags = bits << 16; // keysize is encoded in the uper 16 bits
|
||||
//cenroll.GenKeyFlags = cenroll.GenKeyFlags | 0x1; //CRYPT_EXPORTABLE
|
||||
// Allow exporting the private key
|
||||
cenroll.GenKeyFlags = cenroll.GenKeyFlags | 0x1; //CRYPT_EXPORTABLE
|
||||
|
||||
generatingKeyNotice.style.display = "";
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue