Making a Windows cert say it's purpose is "Ensures the identity of a remote computer"
If I could use OpenSSL I'd just add following lines to openssl.conf:
keyUsage = digitalSignature
extendedKeyUsage=serverAuth
but don't know how add extendedKeyUsage
in PHPSecLib