From 9a769370887a8bd82411d1a0353756db3488e9d2 Mon Sep 17 00:00:00 2001
From: jbjohnso <jbjohnso@8638fb3e-16cb-4fca-ae20-7b5d299a9bcd>
Date: Wed, 23 Jan 2013 15:02:32 +0000
Subject: [PATCH] Add keyEncipherment to keyUsage since Java expects it

git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@14964 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
---
 xCAT-server/share/xcat/ca/openssl.cnf.tmpl | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/xCAT-server/share/xcat/ca/openssl.cnf.tmpl b/xCAT-server/share/xcat/ca/openssl.cnf.tmpl
index 08732fd33..4f4fcc04c 100644
--- a/xCAT-server/share/xcat/ca/openssl.cnf.tmpl
+++ b/xCAT-server/share/xcat/ca/openssl.cnf.tmpl
@@ -162,7 +162,7 @@ nsCertType			= server, client, objsign
 nsComment			= "OpenSSL Generated Server Certificate"
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid,issuer
-keyUsage = digitalSignature,keyAgreement
+keyUsage = digitalSignature,keyAgreement,keyEncipherment
 extendedKeyUsage = serverAuth
 
 [ usr_cert ]
@@ -173,7 +173,7 @@ extendedKeyUsage = serverAuth
 # requires this to avoid interpreting an end user certificate as a CA.
 
 basicConstraints=CA:FALSE
-keyUsage = digitalSignature,keyAgreement
+keyUsage = digitalSignature,keyAgreement,keyEncipherment
 extendedKeyUsage = clientAuth
 
 # Here are some examples of the usage of nsCertType. If it is omitted