Fix a few minor issues with PKI certificate generation

src/libtdeldap.cpp

@@ -4346,11 +4346,14 @@ int LDAPManager::generateClientCertificatePublicCertificate(int expirydays, LDAP
 
 	TQString common_name = TQString::null;
 	if (user.name != "") {
-		common_name = TQString("/uid=%1").arg(user.name);
+		// TODO
+		// Determine if uid or CN is the best identifier
+		// common_name = TQString("/uid=%1").arg(user.name);
+		common_name = TQString("/CN=%1").arg(user.name);
 	}
 
-	subject = TQString("\"/CN=%1%2%3\"").arg(user.name).arg(openssldcForRealm(realmcfg.name)).arg(common_name);
-	command = TQString("openssl req -days %1 -new -out %2 -key %3 -config %4 -subj %5").arg(expirydays).arg(client_reqfile).arg(client_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject);
+	subject = TQString("\"%1%2\"").arg(openssldcForRealm(realmcfg.name)).arg(common_name);
+	command = TQString("openssl req -days %1 -new -out %2 -key %3 -config %4 -subj %5").arg(expirydays).arg(client_reqfile).arg(client_keyfile).arg(client_cfgfile).arg(subject);
 	if (system(command) < 0) {
 		if (errstr) *errstr = TQString("Execution of \"%s\" failed").arg(command);
 		return -1;
@@ -4913,6 +4916,12 @@ int LDAPManager::writeOpenSSLConfigurationFile(LDAPRealmConfig realmcfg, LDAPUse
 		stream << "# This file was automatically generated by TDE\n";
 		stream << "# All changes will be lost!\n";
 		stream << "\n";
+		stream << "oid_section = new_oids" << "\n";
+		stream << "\n";
+		stream << "[new_oids]" << "\n";
+		stream << "uid = 0.9.2342.19200300.100.1.1" << "\n";
+		stream << "pkkdcekuoid = 1.3.6.1.5.2.3.5" << "\n";
+		stream << "\n";
 		stream << "[ca]" << "\n";
 		stream << "default_ca = certificate_authority" << "\n";
 		stream << "\n";