Key usage is a list of (9) flags turning on (true ) or off (false) a specific usage.

Flags:

1. digitalSignature
2. nonRepudiation
3. keyEncipherment
4. dataEncipherment
5. keyAgreement
6. keyCertSign
7. cRLSign
8. encipherOnly
9. decipherOnly

If length of list is shorter than 9, false will be added to the end until length is 9.

Examples

# Turn on digitalSignature
true
# Turn on keyCertSign
false,false,false,false,false,true

Extended key usage is a list of key purpose aliases. Only the one defined below are valid in the current version.

Key purpose aliases:

• OCSPSigning
• serverAuth
• clientAuth
• codeSigning