Add example of generating a new CA and a new server cert signed by th…

…at CA, resolving #79
rustls · Aug 24, 2023 · c5afc0b · c5afc0b
1 parent d540717
commit c5afc0b
Showing 1 changed file with 1 addition and 12 deletions.
diff --git a/examples/auto-gen-ca-and-server-tls.rs b/examples/auto-gen-ca-and-server-tls.rs
@@ -8,23 +8,13 @@
 //! This doesn't start a network service (not even on localhost).
 //! Instead, it creates an in-memory TLS server and an in-memory
 //! TLS client in two separate threads in the same process.
-//!
-//! This example has the same author as a similar test in
-//! https://github.com/iamjpotts/demo_docker_registry_auto_gen_tls/blob/31c85aa06a87a8dbebc457af9b5998038e2daaa2/tests/test_utils/cert_gen.rs
-//! which does not have a license.
-//!
-//! This example auto-gen-ca-and-server-tls is contributed by
-//! the same author into rcgen according to the rcgen license:
-//!
-//!     "MIT or Apache License 2.0, at your option."
-//!
 
 use std::error::Error;
 use std::io;
 use std::thread;
 
 use native_tls::{HandshakeError, Identity, TlsAcceptor, TlsConnector, TlsStream};
-use rcgen::{BasicConstraints, CertificateSigningRequest, DnType, IsCa, SanType, ExtendedKeyUsagePurpose, KeyUsagePurpose, DistinguishedName, CertificateParams, Certificate, RcgenError};
+use rcgen::{BasicConstraints, CertificateSigningRequest, DnType, IsCa, SanType, KeyUsagePurpose, DistinguishedName, CertificateParams, Certificate, RcgenError};
 
 const SAN: &str = "example-server";
 
@@ -133,7 +123,6 @@ fn gen_cert_for_server(ca: &Certificate) -> Result<ServerCertificate, RcgenError
     params.alg = &rcgen::PKCS_ECDSA_P256_SHA256;
     params.distinguished_name = dn;
     params.subject_alt_names = vec![SanType::DnsName(SAN.into())];
-    params.extended_key_usages = vec![ExtendedKeyUsagePurpose::ServerAuth];
 
     let unsigned = Certificate::from_params(params)?;