From 479a1ff8734f6d075d3ef75328f6d9013145d24b Mon Sep 17 00:00:00 2001 From: Orlando Rodriguez <49177883+ojrb@users.noreply.github.com> Date: Mon, 13 May 2019 12:00:13 -0500 Subject: [PATCH] Update windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com> --- .../hello-for-business/hello-hybrid-key-trust-prereqs.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md index fa127fbc9c..5255ad8eec 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md @@ -62,7 +62,7 @@ The minimum required enterprise certificate authority that can be used with Wind * The certificate must have a Certificate Revocation List (CRL) distribution point extension that points to a valid CRL. * Optionally, the certificate Subject section should contain the directory path of the server object (the distinguished name). -* The certificate Key Usage section must contain: +* The certificate Key Usage section must contain Digital Signature and Key Encipherment. * Optionally, the certificate Basic Constraints section should contain: [Subject Type=End Entity, Path Length Constraint=None] * The certificate Enhanced Key Usage section must contain: Client Authentication (1.3.6.1.5.5.7.3.2) and Server Authentication (1.3.6.1.5.5.7.3.1)