X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=apps%2Fopenssl.cnf;h=8941f454f8a577d088f5628772498a75e2f21e54;hb=e39c2548f522a9293376a19fdbe466514a882d16;hp=c089a21f2702cffd0d2613c802c3394ad00a2ead;hpb=d8c2adae578d44b6c313e57bc971fa2825b9c399;p=openssl.git diff --git a/apps/openssl.cnf b/apps/openssl.cnf index c089a21f27..8941f454f8 100644 --- a/apps/openssl.cnf +++ b/apps/openssl.cnf @@ -38,18 +38,31 @@ dir = ./demoCA # Where everything is kept certs = $dir/certs # Where the issued certs are kept crl_dir = $dir/crl # Where the issued crl are kept database = $dir/index.txt # database index file. +#unique_subject = no # Set to 'no' to allow creation of + # several ctificates with same subject. new_certs_dir = $dir/newcerts # default place for new certs. certificate = $dir/cacert.pem # The CA certificate serial = $dir/serial # The current serial number +crlnumber = $dir/crlnumber # the current crl number + # must be commented out to leave a V1 CRL crl = $dir/crl.pem # The current CRL private_key = $dir/private/cakey.pem# The private key RANDFILE = $dir/private/.rand # private random number file x509_extensions = usr_cert # The extentions to add to the cert +# Comment out the following two lines for the "traditional" +# (and highly broken) format. +name_opt = ca_default # Subject Name options +cert_opt = ca_default # Certificate field options + +# Extension copying option: use with caution. +# copy_extensions = copy + # Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs # so this is commented out by default to leave a V1 CRL. +# crlnumber must also be commented out to leave a V1 CRL. # crl_extensions = crl_ext default_days = 365 # how long to certify for @@ -180,6 +193,9 @@ authorityKeyIdentifier=keyid,issuer:always # This stuff is for subjectAltName and issuerAltname. # Import the email address. # subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move # Copy subject details # issuerAltName=issuer:copy