[ xpserver_ext]
extendedKeyUsage = 1.3.6.1.5.5.7.3.1
-
-#
-# Add this to the PKCS#7 keybag attributes holding the client's private key
-# for machine authentication.
-#
-# the presence of this OID tells Windows XP that the cert is intended
-# for use by the computer itself, and not by an end-user.
-#
-# The other solution is to use Microsoft's web certificate server
-# to generate these certs.
-#
-# 1.3.6.1.4.1.311.17.2