wolfSSL
diff --git a/‎examples/client/client.c‎
Lines changed: 5 additions & 0 deletions b/‎examples/client/client.c‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎src/certman.c‎
Lines changed: 6 additions & 0 deletions b/‎src/certman.c‎
Lines changed: 6 additions & 0 deletions
@@ -199,9 +199,14 @@ static byte isPrivate = 0;
 
 
 #ifdef WOLFSSH_CERTS
+#if 0
+static const byte publicKeyType[] = "x509v3-ssh-rsa";
+static const byte privateKeyType[] = "ssh-rsa";
+#else
 static const byte publicKeyType[] = "x509v3-ecdsa-sha2-nistp256";
 static const byte privateKeyType[] = "ecdsa-sha2-nistp256";
 #endif
+#endif
 
 #ifndef WOLFSSH_NO_RSA
 static const char* hanselPublicRsa =
 
@@ -313,6 +313,12 @@ static int CheckProfile(DecodedCert* cert, int profile)
         valid = !cert->isCA;
     }
 
+    if (valid) {
+        valid =
+            WMEMCMP(cert->extAuthKeyId, cert->extSubjKeyId, KEYID_SIZE) != 0;
+
+    }
+
     if (valid) {
             valid =
                 ((certPolicies[1] != NULL) &&