Use more modern Go version

[gogost.git] / cmd / cer-selfsigned-example / main.go

diff --git a/cmd/cer-selfsigned-example/main.go b/cmd/cer-selfsigned-example/main.go
index f859f8d60b2f05472712c51394689345620c6102..2eafe6407574cd7babbf57eaa649c6f2d0ca6d01 100644 (file)
--- a/cmd/cer-selfsigned-example/main.go
+++ b/cmd/cer-selfsigned-example/main.go
@@ -191,7 +191,6 @@ func main() {
        spki = spki[:20]
 
        cerTmpl := x509.Certificate{
-               KeyUsage:           x509.KeyUsageDigitalSignature,
                NotBefore:          notBefore,
                NotAfter:           notAfter,
                SerialNumber:       sn,
@@ -200,10 +199,12 @@ func main() {
                SubjectKeyId:       spki,
        }
        if *ca {
+               cerTmpl.BasicConstraintsValid = true
                cerTmpl.IsCA = true
-               cerTmpl.KeyUsage |= x509.KeyUsageCertSign
+               cerTmpl.KeyUsage = x509.KeyUsageCertSign
        } else {
                cerTmpl.DNSNames = []string{*cn}
+               cerTmpl.KeyUsage = x509.KeyUsageDigitalSignature
        }
 
        if caCer == nil {
@@ -215,6 +216,9 @@ func main() {
                &cerTmpl, caCer, pub,
                &gost3410.PrivateKeyReverseDigest{Prv: caPrv.(*gost3410.PrivateKey)},
        )
+       if err != nil {
+               log.Fatalln(err)
+       }
        data = pem.EncodeToMemory(&pem.Block{Type: PEMCer, Bytes: data})
        if *outCer == "" {
                _, err = os.Stdout.Write(data)