From bf2fc31aee2809778822e7e9c0057077e1c78a49 Mon Sep 17 00:00:00 2001
From: Brian West <brian@freeswitch.org>
Date: Wed, 21 Aug 2013 11:20:08 -0500
Subject: [PATCH] FS-5695 --resolve

---
 scripts/gentls_cert.in | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/scripts/gentls_cert.in b/scripts/gentls_cert.in
index 26da60c7f8..49b3940d5d 100644
--- a/scripts/gentls_cert.in
+++ b/scripts/gentls_cert.in
@@ -7,7 +7,7 @@ export KEY_SIZE=${KEY_SIZE}
 
 TMPFILE="/tmp/fs-ca-$$-$(date +%Y%m%d%H%M%S)"
 
-COMMON_NAME="FreesSWITCH CA"
+COMMON_NAME="FreeSWITCH CA"
 ALT_NAME="DNS:test.freeswitch.org"
 ORG_NAME="FreeSWITCH"
 OUTFILE="agent.pem"
@@ -47,6 +47,7 @@ setup_ca() {
 			default_bits            = \$ENV::KEY_SIZE
 			prompt                  = no
 			distinguished_name      = req_dn
+			x509_extensions         = v3_ca
 
 			[ req_dn ]
 			commonName              = %CN%
@@ -69,6 +70,12 @@ setup_ca() {
 			subjectAltName=%ALTNAME%
 			nsCertType=client
 			extendedKeyUsage=clientAuth
+
+			[ v3_ca ]
+			subjectKeyIdentifier=hash
+			authorityKeyIdentifier=keyid:always,issuer
+			basicConstraints=CA:TRUE
+
 		EOF
 	fi
 
@@ -84,6 +91,7 @@ setup_ca() {
 		-new -x509 -keyout "${CONFDIR}/CA/cakey.pem" \
 		-config "${TMPFILE}.cfg" -nodes -days ${DAYS} -sha1 >/dev/null || exit 1
 	cat "${CONFDIR}/CA/cacert.pem" > "${CONFDIR}/cafile.pem"
+	cp $TMPFILE.cfg /tmp/ssl.cfg
 	rm "${TMPFILE}.cfg"
 
 	echo "DONE"