feat(tls): update schema for TLS keyusage

2023-10-05 16:25:09 +02:00 · 2023-10-05 16:25:09 +02:00 · c5dccdf526
parent aa25e3badd
commit c5dccdf526
2 changed files with 14 additions and 0 deletions
--- a/apps/emqx/src/emqx_schema.erl
+++ b/apps/emqx/src/emqx_schema.erl
@ -2186,6 +2186,14 @@ common_ssl_opts_schema(Defaults, Type) ->
                    desc => ?DESC(common_ssl_opts_schema_partial_chain)
                }
            )},
+        {"verify_peer_ext_key_usage",
+            sc(
+                string(),
+                #{
+                    required => false,
+                    desc => ?DESC(common_ssl_opts_verify_peer_ext_key_usage)
+                }
+            )},
        {"reuse_sessions",
            sc(
                boolean(),
--- a/rel/i18n/emqx_schema.hocon
+++ b/rel/i18n/emqx_schema.hocon
@ -690,6 +690,12 @@ common_ssl_opts_schema_partial_chain.desc:
 common_ssl_opts_schema_partial_chain.label:
 """Partial chain"""

+common_ssl_opts_verify_peer_ext_key_usage.desc:
+"""Verify Extended Key Usage in Peer's certificate"""
+
+common_ssl_opts_verify_peer_ext_key_usage.label:
+"""Verify KeyUsage in cert"""
+
 fields_listeners_ssl.desc:
 """SSL listeners."""