[ ca ]
# Name of the section that holds the settings for the default CA.
default_ca = CA_default

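[ CA_default ]

# Settings for the default CA. Every path below is relative to the
# directory the command is run from.

# Where the issued certs are kept.
certs = ./
# Where the issued CRLs are kept.
crl_dir = ./
# Database index file.
database = ./index.txt
# Default place for new certs.
new_certs_dir = ./

# The CA certificate.
certificate = ./cacert.pem
# The current serial number.
serial = ./serial
# The current CRL.
crl = ./crl.pem
# The CA private key.
# NOTE(review): it sits in the same directory as the issued certificates;
# restrict read access on this file to the CA operator.
private_key = ./cakey.pem
# Private random number file.
RANDFILE = ./rand

# Subject Name display options.
name_opt = ca_default
# Certificate field display options.
cert_opt = ca_default

# How long to certify for, in days.
default_days = 365

# How long before the next CRL, in days.
default_crl_days = 30
# Digest used when signing certificates and CRLs. This was md5, which is
# collision-broken and must not be used for signatures; sha256 requires an
# OpenSSL build that provides it.
default_md = sha256
# "no" means the DN ordering passed in the request is not kept.
preserve = no

# Section naming the subject-field policy applied to incoming requests.
policy = policy_anything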

[ policy_anything ]
# Subject-field policy referenced by "policy" in [ CA_default ].
# Every field is optional, so no subject attribute is required of a request
# and none has to match the CA's own subject.
# NOTE(review): commonName is optional too, so a request without a CN
# passes this policy - confirm that is intended.
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = optional
emailAddress = optional

####################################################################
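[ req ]
# Defaults for generating keys and certificate requests.

# Size in bits of a newly generated key. This was 384, which is far too
# small for an RSA key to give any protection; 2048 is the usual minimum.
default_bits = 2048
# File the generated private key is written to.
default_keyfile = privkey.pem
# Section that defines the subject prompts and defaults.
distinguished_name = req_distinguished_name
# Section that defines extra request attributes.
attributes = req_attributes
# The extensions to add to the self signed cert.
x509_extensions = v3_ca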

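[ req_distinguished_name ]
# Prompts, defaults and length limits for the subject fields of a request.
# For each field: the bare key is the prompt text, "_default" the value
# offered, "_min"/"_max" the allowed length.

countryName = Country Name (2 letter code)
countryName_default = US
countryName_min = 2
countryName_max = 2

stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = State

localityName = Locality Name (eg, city)
localityName_default = City

0.organizationName = Organization Name (eg, company)
0.organizationName_default = Organization

organizationalUnitName = Organizational Unit Name (eg, section)

# The prompt must stay on one line: a bare "hostname)" continuation line is
# not a valid key = value entry. The backslash keeps the apostrophe literal.
commonName = Common Name (eg, your name or your server\'s hostname)
commonName_default = Common Name
commonName_max = 64

emailAddress = Email Address
# NOTE(review): "none" is a literal default value, not an instruction to
# leave the field out - confirm it should appear in the subject.
emailAddress_default = none
emailAddress_max = 64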

# Referenced by "attributes" in [ req ]; no request attributes are defined.
[ req_attributes ]

[ usr_cert ]

# Extensions for end-entity certificates.
# CA:FALSE marks the certificate as not being a CA.
basicConstraints = CA:FALSE
# Key identifiers: hash for the subject key, and the issuer's key id plus
# (always) the issuer name and serial for the authority.
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer:always

[ v3_req ]

# Extension set for certificate requests; CA:FALSE marks the subject as
# not being a CA.
# NOTE(review): no line visible in this file selects this section
# (there is no req_extensions entry in [ req ]) - confirm where it is used.
basicConstraints = CA:FALSE
# Permitted key uses for the requested certificate.
keyUsage = nonRepudiation, digitalSignature, keyEncipherment

[ v3_ca ]

# Extensions added to the self signed CA certificate (selected by
# x509_extensions in [ req ]).
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
# NOTE(review): RFC 5280 expects basicConstraints to be marked critical in
# a CA certificate (critical,CA:true), and this section sets no keyUsage;
# both are left exactly as written here.
basicConstraints = CA:true

[ crl_ext ]
# CRL extensions: always include the issuing CA's key id and its issuer
# name and serial.
# NOTE(review): no crl_extensions entry in [ CA_default ] points at this
# section - confirm it is selected some other way.
authorityKeyIdentifier = keyid:always,issuer:always