projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add extensive DRBG selftest data and option to corrupt it in fips_test_suite.
[openssl.git]
/
apps
/
openssl-vms.cnf
diff --git
a/apps/openssl-vms.cnf
b/apps/openssl-vms.cnf
index c8e1a61a11abcf96291861590285ca482e028b8d..20ed61bc3e4deca99f108a104fbda4d2ecf2c485 100644
(file)
--- a/
apps/openssl-vms.cnf
+++ b/
apps/openssl-vms.cnf
@@
-72,7
+72,7
@@
cert_opt = ca_default # Certificate field options
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
-default_md =
sha1 # which md to use.
+default_md =
default # use public key default MD
preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look
preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look
@@
-212,7
+212,7
@@
authorityKeyIdentifier=keyid,issuer
#nsSslServerName
# This is required for TSA certificates.
#nsSslServerName
# This is required for TSA certificates.
-extendedKeyUsage = critical,timeStamping
+
#
extendedKeyUsage = critical,timeStamping
[ v3_req ]
[ v3_req ]
@@
-231,7
+231,7
@@
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectKeyIdentifier=hash
subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always,issuer
:always
+authorityKeyIdentifier=keyid:always,issuer
# This is what PKIX recommends but some broken software chokes on critical
# extensions.
# This is what PKIX recommends but some broken software chokes on critical
# extensions.
@@
-264,7
+264,7
@@
basicConstraints = CA:true
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
# issuerAltName=issuer:copy
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always
,issuer:always
+authorityKeyIdentifier=keyid:always
[ proxy_cert_ext ]
# These extensions should be added when creating a proxy certificate
[ proxy_cert_ext ]
# These extensions should be added when creating a proxy certificate
@@
-297,7
+297,7
@@
nsComment = "OpenSSL Generated Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer
:always
+authorityKeyIdentifier=keyid,issuer
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.