Run util/openssl-format-source -v -c .

[openssl.git] / demos / certs / ca.cnf

diff --git a/demos/certs/ca.cnf b/demos/certs/ca.cnf
index ddf440bcc832aa1af8866ec56b8834fd7ff3a79d..5a8a5f29ef51d196fd078341635c5fc2a3f4a121 100644 (file)
--- a/demos/certs/ca.cnf
+++ b/demos/certs/ca.cnf
@@ -16,7 +16,7 @@ default_keyfile       = privkey.pem
 # Don't prompt for fields: use those in section directly
 prompt                 = no
 distinguished_name     = req_distinguished_name
-x509_extensions        = v3_ca # The extentions to add to the self signed cert
+x509_extensions        = v3_ca # The extensions to add to the self signed cert
 string_mask = utf8only
 
 # req_extensions = v3_req # The extensions to add to a certificate request
@@ -35,7 +35,6 @@ commonName                    = $ENV::CN
 
 basicConstraints=critical, CA:FALSE
 keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment
-subjectAltName=DNS:crl.host.com
 
 # This will be displayed in Netscape's comment listbox.
 nsComment                      = "OpenSSL Generated Certificate"
@@ -43,14 +42,12 @@ nsComment                   = "OpenSSL Generated Certificate"
 # PKIX recommendations harmless if included in all certificates.
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid
-authorityInfoAccess = OCSP;URI:http://ocsp.host.com:8080/cgi-bin/prinenv/some/ocsp/path
 # OCSP responder certificate
 [ ocsp_cert ]
 
 basicConstraints=critical, CA:FALSE
 keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment
 
-
 # This will be displayed in Netscape's comment listbox.
 nsComment                      = "OpenSSL Generated Certificate"