From f2a090e6afea6228c25ead2c593b86c69f5b03fc Mon Sep 17 00:00:00 2001 From: Jaap Keuter Date: Fri, 15 May 2026 17:13:51 +0200 Subject: [PATCH] Allow non-server TLS certificates to be created Pass in the desired certificate type so that the proper extension "TLS Web Server Authentication", "TLS Web Client Authentication", or both can be included for server, client and serverClient respectively. Signed-off-by: Jaap Keuter --- easyrsa3/easyrsa | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa index c5ba1bb68..bb3ec5171 100755 --- a/easyrsa3/easyrsa +++ b/easyrsa3/easyrsa @@ -3022,7 +3022,7 @@ $(cat "$crt_source") crt_fingerprint="${crt_fingerprint#*=}" # Certificate type - inline_crt_type= + inline_crt_type="$crt_type" ssl_cert_x509v3_eku "$crt_source" inline_crt_type || \ warn "inline_file: Unknown cert-type: '$inline_crt_type'"