🟣extendedKeyUsage
Provides a list of the most commonly used values for extendedKeyUsage, as well as their respective OID.
The following extendedKeyUsage can define what your extended usages are for.
Microsoft's certreq command uses the OID, OpenSSL can use the value or OID.
Value | OID | Description |
---|---|---|
2.5.29.37.0 | Any extended key usage | |
| 1.3.6.1.5.5.7.3.1 | |
| 1.3.6.1.5.5.7.3.2 | |
| 1.3.6.1.5.5.7.3.3 | Code signing (Signing of downloadable executable code) |
| 1.3.6.1.5.5.7.3.4 | |
| 1.3.6.1.5.5.7.3.8 | Trusted Timestamping (Binding the hash of an object to a time) |
| 1.3.6.1.4.1.311.2.1.21 | Microsoft Individual Code Signing (authenticode) |
| 1.3.6.1.4.1.311.2.1.22 | Microsoft Commercial Code Signing (authenticode) |
| 1.3.6.1.4.1.311.10.3.1 | Microsoft Trust List Signing |
| 1.3.6.1.4.1.311.10.3.3 | Microsoft Server Gated Crypto |
| 1.3.6.1.4.1.311.10.3.4 | Microsoft Encrypted File System |
| 1.3.6.1.4.1.311.10.3.4.1 | Microsoft EFS Recovery |
| 1.3.6.1.4.1.311.2.1.14 | Microsoft Extension Request |
| 2.16.840.1.113730.4.1 | Netscape Server Gated Crypto |
| 1.3.6.1.4.1.311.20.2.3 | Microsoft User Principal Name |
unknown | 1.3.6.1.4.1.311.21.6 | EFS Key Recovery Agent |
| 1.3.6.1.4.1.311.67.1.1 | Bitlocker Drive Encryption |
| 1.3.6.1.4.1.311.67.1.2 | Bitlocker Data Recovery Agent |
| 1.3.6.1.4.1.311.20.2.2 | Microsoft Smartcard Login |
| 1.3.6.1.5.5.7.3.21 | Secure Shell client |
| 1.3.6.1.5.5.7.3.22 | Secure Shell server |
| 1.3.6.1.5.5.8.2.2 | IPSec Intermediate System Usage |
| 1.3.6.1.5.5.7.3.5 | IPSEC End System Certificate |
| 1.3.6.1.5.5.7.3.6 | IP security tunnel termination |
| 1.3.6.1.5.5.7.3.7 | IP security user |
| 1.3.6.1.5.5.7.3.9 | OCSPstamping |
| 1.3.6.1.5.5.7.3.10 | Data Validation and Certification Server (DVCS) |
| 1.3.6.1.5.5.7.3.12 | This OID is obsolete. |
| 1.3.6.1.5.5.7.3.13 | Authentication Protocol (EAP) |
| 1.3.6.1.5.5.7.3.14 | Authentication Protocol (EAP) |
| 1.3.6.1.5.5.7.3.15 | SCVP Server |
| 1.3.6.1.5.5.7.3.16 | SCVP Client |
| 1.2.840.113583.1.1.5 | Adobe Authentic Documents Trust Adobe PDF Signing This and Microsoft Document Signing usually tied together. |
| 2.16.840.1.114412.3.21 | Adobe Signing Certificate Digitcert |
| 1.3.6.1.4.1.311.10.3.12 | Microsoft Document Signing |
| 1.3.6.1.4.1.311.3.10.3.12 | Timestamping signature (Ms-CounterSign) (old) |
| 1.3.6.1.4.1.311.21.1 | Microsoft CertSrv Infrastructure certsrv.exe |
| 1.3.6.1.4.1.311.54.1.2 | MS Remote Desktop Authentication |
| 1.3.6.1.4.1.311.80.1 | Document Encryption |
| 1.3.6.1.4.1.11591.2.6.1 | GPG Certify |
| 1.3.6.1.4.1.11591.2.6.2 | GPG Sign |
| 1.3.6.1.4.1.11591.2.6.3 | GPG Encryption |
| 1.3.6.1.4.1.11591.2.6.4 | GPG Authenticate |
| 1.2.840.113583.1.1.9 | X509-Extension: Adobe proprietary |
| 1.3.6.1.4.1.311.2 | Microsoft Authenticode |
| 1.3.6.1.4.1.311.3 | Microsoft Timestamping |
| 2.16.840.1.114412.3.11 | Windows Kernal Driver Signing |
Last updated