diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/binary/tasks/CertificateAutogenTask.java b/LaunchServer/src/main/java/pro/gravit/launchserver/binary/tasks/CertificateAutogenTask.java index e26cd640..400d22da 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/binary/tasks/CertificateAutogenTask.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/binary/tasks/CertificateAutogenTask.java @@ -3,8 +3,7 @@ import org.bouncycastle.asn1.x500.X500Name; import org.bouncycastle.asn1.x500.X500NameBuilder; import org.bouncycastle.asn1.x500.style.BCStyle; -import org.bouncycastle.asn1.x509.Extension; -import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.asn1.x509.*; import org.bouncycastle.cert.X509CertificateHolder; import org.bouncycastle.cert.X509v3CertificateBuilder; import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; @@ -59,7 +58,8 @@ public Path process(Path inputFile) throws IOException { Date.from(startDate.plusDays(3650).atZone(ZoneId.systemDefault()).toInstant()), new X500Name("CN=ca"), SubjectPublicKeyInfo.getInstance(server.publicKey.getEncoded())); - builder.addExtension(Extension.getInstance("1.3.6.1.5.5.7.3.3")); + builder.addExtension(Extension.extendedKeyUsage, false, new ExtendedKeyUsage(KeyPurposeId.id_kp_codeSigning)); + builder.addExtension(Extension.keyUsage, false, new KeyUsage(1)); JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256WITHECDSA"); ContentSigner signer = csBuilder.build(server.privateKey); bcCertificate = builder.build(signer);