Drop codeSigning EKU from certificates with email SANs

Unclear how those are correlated. If it breaks something we can put it back. Fixes #303
2020-10-27 12:25:23 +01:00 · 2020-10-27 12:25:23 +01:00 · 9f583c670f
commit 9f583c670f
parent c12e24244a
1 changed files with 1 additions and 1 deletions
--- a/cert.go
+++ b/cert.go
@ -93,7 +93,7 @@ func (m *mkcert) makeCert(hosts []string) {
 		tpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
 	}
 	if len(tpl.EmailAddresses) > 0 {
-		tpl.ExtKeyUsage = append(tpl.ExtKeyUsage, x509.ExtKeyUsageCodeSigning, x509.ExtKeyUsageEmailProtection)
+		tpl.ExtKeyUsage = append(tpl.ExtKeyUsage, x509.ExtKeyUsageEmailProtection)
 	}

 	// IIS (the main target of PKCS #12 files), only shows the deprecated