From c227beb510fde889d831b504ea041a64fde8c192 Mon Sep 17 00:00:00 2001
From: Mark Anthony Cianfrani <markacianf@gmail.com>
Date: Fri, 20 Jul 2018 22:17:49 -0400
Subject: [PATCH] added basic constraints configuration for self signed
 certificates (#327)

---
 util/Setup/CertBuilder.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/util/Setup/CertBuilder.cs b/util/Setup/CertBuilder.cs
index 9e34b759c7..441ee8e3f5 100644
--- a/util/Setup/CertBuilder.cs
+++ b/util/Setup/CertBuilder.cs
@@ -32,7 +32,7 @@ namespace Bit.Setup
                         $"-keyout /bitwarden/ssl/self/{Domain}/private.key " +
                         $"-out /bitwarden/ssl/self/{Domain}/certificate.crt " +
                         $"-reqexts SAN -extensions SAN " +
-                        $"-config <(cat /usr/lib/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:{Domain}')) " +
+                        $"-config <(cat /usr/lib/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:{Domain}\nbasicConstraints=CA:true')) " +
                         $"-subj \"/C=US/ST=Florida/L=Jacksonville/O=8bit Solutions LLC/OU=Bitwarden/CN={Domain}\"");
                 }
             }