# # File containing the OIDs required for Windows. # # http://support.microsoft.com/kb/814394/en-us # [ xpclient_ext] extendedKeyUsage = 1.3.6.1.5.5.7.3.2 crlDistributionPoints = URI:http://www.example.com/example_ca.crl [ xpserver_ext] extendedKeyUsage = 1.3.6.1.5.5.7.3.1 crlDistributionPoints = URI:http://www.example.com/example_ca.crl certificatePolicies = 1.3.6.1.4.1.40808.1.3.2 # # Add this to the PKCS#7 keybag attributes holding the client's private key # for machine authentication. # # the presence of this OID tells Windows XP that the cert is intended # for use by the computer itself, and not by an end-user. # # The other solution is to use Microsoft's web certificate server # to generate these certs. # # 1.3.6.1.4.1.311.17.2