From 3b4611483fe3becdcd959be83b340f24c9a0f49c Mon Sep 17 00:00:00 2001
From: Robert Tarrall <robert.tarrall@balbix.com>
Date: Tue, 8 Oct 2019 17:39:25 -0700
Subject: [PATCH 1/2] Add extKeyUsage to auto-generated self-signed cert

MacOS 10.15 Catalina has additional requirements for self-signed
certs: https://support.apple.com/en-us/HT210176

Chrome (and, I assume, Safari) will not let you clickthrough the
"invalid cert" warning (error is NET::ERR_CERT_INVALID) if the
ExtendedKeyUsage extension is not present with at least the
id-kp-serverAuth OID.
---
 lib/utils/createCertificate.js | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/lib/utils/createCertificate.js b/lib/utils/createCertificate.js
index c58fc05d0d..55bd0932ff 100644
--- a/lib/utils/createCertificate.js
+++ b/lib/utils/createCertificate.js
@@ -20,6 +20,13 @@ function createCertificate(attributes) {
         keyEncipherment: true,
         dataEncipherment: true,
       },
+      {
+        name: 'extKeyUsage',
+        serverAuth: true,
+        clientAuth: true,
+        codeSigning: true,
+        timeStamping: true
+      },
       {
         name: 'subjectAltName',
         altNames: [

From ef553c7bfba1b74bd38b08d7e1829c6d4f73688e Mon Sep 17 00:00:00 2001
From: Robert Tarrall <robert.tarrall@balbix.com>
Date: Mon, 14 Oct 2019 09:13:30 -0700
Subject: [PATCH 2/2] Fix trailing-comma lint

---
 lib/utils/createCertificate.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/utils/createCertificate.js b/lib/utils/createCertificate.js
index 55bd0932ff..38e0cf71bf 100644
--- a/lib/utils/createCertificate.js
+++ b/lib/utils/createCertificate.js
@@ -25,7 +25,7 @@ function createCertificate(attributes) {
         serverAuth: true,
         clientAuth: true,
         codeSigning: true,
-        timeStamping: true
+        timeStamping: true,
       },
       {
         name: 'subjectAltName',