Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
crypto/tls: require serverAuth if extendedKeyUsage on certificate #9000
The tls library in go mandates that client certificates have extendedKeyUsage that contains a clientAuth. However it does not do the same for serverAuth. Ideally it would do this check anytime there is an extendedKeyUsage extension on the certificate.
If you think that this isn't working, that would be a bug, but it's supposed to.