Merge Nokia copyright notice into standard

[openssl.git] / test / CAss.cnf

diff --git a/test/CAss.cnf b/test/CAss.cnf
index 546e660626783f86821aef8ae4d752530f42a87a..b20a2427603ba9f9507a76251a31706497417e4c 100644 (file)
--- a/test/CAss.cnf
+++ b/test/CAss.cnf
@@ -7,7 +7,7 @@ RANDFILE                = ./.rnd
 
 ####################################################################
 [ req ]
-default_bits           = 1024
+default_bits           = 2048
 default_keyfile        = keySS.pem
 distinguished_name     = req_distinguished_name
 encrypt_rsa_key                = no
@@ -36,7 +36,7 @@ certs         = $dir/certs            # Where the issued certs are kept
 crl_dir                = $dir/crl              # Where the issued crl are kept
 database       = $dir/index.txt        # database index file.
 #unique_subject        = no                    # Set to 'no' to allow creation of
-                                       # several ctificates with same subject.
+                                       # several certificates with same subject.
 new_certs_dir  = $dir/newcerts         # default place for new certs.
 
 certificate    = $dir/cacert.pem       # The CA certificate
@@ -45,7 +45,7 @@ crl           = $dir/crl.pem          # The current CRL
 private_key    = $dir/private/cakey.pem# The private key
 RANDFILE       = $dir/private/.rand    # private random number file
 
-x509_extensions        = v3_ca                 # The extentions to add to the cert
+x509_extensions        = v3_ca                 # The extensions to add to the cert
 
 name_opt       = ca_default            # Subject Name options
 cert_opt       = ca_default            # Certificate field options
@@ -71,6 +71,6 @@ emailAddress          = optional
 [ v3_ca ]
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid:always,issuer:always
-basicConstraints = CA:true,pathlen:1
+basicConstraints = critical,CA:true,pathlen:1
 keyUsage = cRLSign, keyCertSign
 issuerAltName=issuer:copy