starred/mkcert
1
0
Fork 0
mirror of https://github.com/FiloSottile/mkcert.git synced 2026-04-25 05:26:03 +03:00
Code Issues 165 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #303] Remove codeSigning EKU? #194

New issue
Closed
opened 2026-02-25 22:32:50 +03:00 by kerem · 4 comments
kerem commented 2026-02-25 22:32:50 +03:00
Owner
Copy link

Originally created by @FiloSottile on GitHub (Oct 25, 2020).
Original GitHub issue: https://github.com/FiloSottile/mkcert/issues/303

@mastahyeti @btoews can you help me remember why in #152 we added the codeSigning EKU when there is an email SAN? How are those related?

github.com/FiloSottile/mkcert@a2b1208e9c/cert.go (L96-L98)

Originally created by @FiloSottile on GitHub (Oct 25, 2020). Original GitHub issue: https://github.com/FiloSottile/mkcert/issues/303 @mastahyeti @btoews can you help me remember why in #152 we added the codeSigning EKU when there is an email SAN? How are those related? https://github.com/FiloSottile/mkcert/blob/a2b1208e9c7d6a9588bce49729cfedbdf9f8be21/cert.go#L96-L98
kerem closed this issue 2026-02-25 22:32:50 +03:00
kerem commented 2026-02-25 22:32:50 +03:00
Author
Owner
Copy link

@btoews commented on GitHub (Oct 26, 2020):

I had been using mkcert while I was developing
https://github.com/github/smimesign. I don’t recall if Github’s commit
signature checking requires the code signing EKU. @ptoomey3 could check
maybe. Regardless, I don’t need the EKU myself any longer, but it might be
useful to someone doing some kind of Git signing with mkcert.

On Sun, Oct 25, 2020 at 3:55 PM Filippo Valsorda notifications@github.com
wrote:

@mastahyeti https://github.com/mastahyeti @btoews
https://github.com/btoews can you help me remember why in #152
https://github.com/FiloSottile/mkcert/pull/152 we added the codeSigning
EKU when there is an email SAN? How are those related?

github.com/FiloSottile/mkcert@a2b1208e9c/cert.go (L96-L98)


You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/FiloSottile/mkcert/issues/303, or unsubscribe
https://github.com/notifications/unsubscribe-auth/AAIXLBML7HVF3GSSR6YCGZDSMR7DLANCNFSM4S6RVBTA
.

<!-- gh-comment-id:716487277 --> @btoews commented on GitHub (Oct 26, 2020): I had been using mkcert while I was developing https://github.com/github/smimesign. I don’t recall if Github’s commit signature checking requires the code signing EKU. @ptoomey3 could check maybe. Regardless, I don’t need the EKU myself any longer, but it might be useful to someone doing some kind of Git signing with mkcert. On Sun, Oct 25, 2020 at 3:55 PM Filippo Valsorda <notifications@github.com> wrote: > @mastahyeti <https://github.com/mastahyeti> @btoews > <https://github.com/btoews> can you help me remember why in #152 > <https://github.com/FiloSottile/mkcert/pull/152> we added the codeSigning > EKU when there is an email SAN? How are those related? > > > https://github.com/FiloSottile/mkcert/blob/a2b1208e9c7d6a9588bce49729cfedbdf9f8be21/cert.go#L96-L98 > > — > You are receiving this because you were mentioned. > Reply to this email directly, view it on GitHub > <https://github.com/FiloSottile/mkcert/issues/303>, or unsubscribe > <https://github.com/notifications/unsubscribe-auth/AAIXLBML7HVF3GSSR6YCGZDSMR7DLANCNFSM4S6RVBTA> > . >
kerem commented 2026-02-25 22:32:50 +03:00
Author
Owner
Copy link

@ptoomey3 commented on GitHub (Oct 26, 2020):

I'll try pushing up a quick change to see what happens if we mint a cert for SMIME signatures without that extension.

<!-- gh-comment-id:716602918 --> @ptoomey3 commented on GitHub (Oct 26, 2020): I'll try pushing up a quick change to see what happens if we mint a cert for SMIME signatures without that extension.
kerem commented 2026-02-25 22:32:50 +03:00
Author
Owner
Copy link

@ptoomey3 commented on GitHub (Oct 26, 2020):

Nothing in CI broke when I disabled adding this extension for certs used for SMIME signatures in our tests.

<!-- gh-comment-id:716627934 --> @ptoomey3 commented on GitHub (Oct 26, 2020): Nothing in CI broke when I disabled adding this extension for certs used for SMIME signatures in our tests.
kerem commented 2026-02-25 22:32:50 +03:00
Author
Owner
Copy link

@FiloSottile commented on GitHub (Oct 27, 2020):

Awesome, thank you for checking!

<!-- gh-comment-id:717176285 --> @FiloSottile commented on GitHub (Oct 27, 2020): Awesome, thank you for checking!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.0
v1.2.0
v1.1.2
v1.1.1
v1.1.0
v1.0.1
v1.0.0
v0.9.1
v0.9.0
Labels
Clear labels   
TLS stack issue

   
Windows

   
bug

   
duplicate

   
duplicate

   
enhancement

   
help wanted

   
help wanted

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question

   
root store

   
waiting for info
No labels
TLS stack issue
Windows
bug
duplicate
duplicate
enhancement
help wanted
help wanted
pull-request
question
question
root store
waiting for info
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/mkcert#194
No description provided.