From 4b95514c363e66af72ec288a77f3635168b62f0c Mon Sep 17 00:00:00 2001
From: Anthony Hu <anthony@wolfssl.com>
Date: Tue, 23 Nov 2021 11:16:58 -0500
Subject: [PATCH] Better certificate configurations to make the curl/httpd demo
 work.

---
 pq/generate_falcon_chains.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/pq/generate_falcon_chains.sh b/pq/generate_falcon_chains.sh
index d7843d97..d7d4a8fd 100755
--- a/pq/generate_falcon_chains.sh
+++ b/pq/generate_falcon_chains.sh
@@ -48,10 +48,12 @@ CN                     = Entity Certificate\n\
 emailAddress           = entity@wolfssl.com\n\
 \n\
 [ x509v3_extensions ]\n\
+subjectAltName = IP:127.0.0.1\n\
 subjectKeyIdentifier   = hash\n\
 authorityKeyIdentifier = keyid:always,issuer:always\n\
 keyUsage               = critical, digitalSignature\n\
-extendedKeyUsage       = critical, serverAuth,clientAuth\n" > entity.conf
+extendedKeyUsage       = critical, serverAuth,clientAuth\n\
+basicConstraints       = critical, CA:false\n" > entity.conf
 
 ###############################################################################
 # Falcon NIST Level 1