当证书用于它未经授权的用途时,将会出现以下错误。
pkg install: The certificate whose subject is /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1_ta3/emailAddress=ch1_ta3 could not be verified because it has been used inappropriately. The way it is used means that the value for extension keyUsage must include 'DIGITAL SIGNATURE' but the value was 'Certificate Sign, CRL Sign'.
在本例中,ch1_ta3 证书被用来对软件包进行签名。证书的 keyUsage 扩展意味着证书只有在对其他证书和 CRL(Certificate Revocation List,证书吊销列表)进行签名时才是有效的。