diff options
Diffstat (limited to 'testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf')
| -rw-r--r-- | testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf | 22 |
1 files changed, 7 insertions, 15 deletions
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf b/testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf index d31752e30..ddd94d061 100644 --- a/testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf +++ b/testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf @@ -1,19 +1,11 @@ -# openssl.cnf - OpenSSL configuration file for the ZHW PKI -# Mario Strasser <mario.strasser@zhwin.ch> -# +# openssl.cnf - OpenSSL configuration file +# # This definitions were set by the ca_init script DO NOT change # them manually. -CAHOME = /etc/openssl/ecdsa +CAHOME = /etc/openssl/ecdsa RANDFILE = $CAHOME/.rand -# Extra OBJECT IDENTIFIER info: -oid_section = new_oids - -[ new_oids ] -SmartcardLogin = 1.3.6.1.4.1.311.20.2 -ClientAuthentication = 1.3.6.1.4.1.311.20.2.2 - #################################################################### [ ca ] @@ -21,7 +13,7 @@ default_ca = root_ca # The default ca section #################################################################### -[ root_ca ] +[ root_ca ] dir = $CAHOME certs = $dir/certs # Where the issued certs are kept @@ -83,7 +75,7 @@ x509_extensions = ca_ext # The extensions to add to the self signed cert # req_extensions = v3_req # The extensions to add to a certificate request -# This sets a mask for permitted string types. There are several options. +# This sets a mask for permitted string types. There are several options. # default: PrintableString, T61String, BMPString. # pkix : PrintableString, BMPString. # utf8only: only UTF8Strings. @@ -118,7 +110,7 @@ organizationName_default = Linux strongSwan #1.organizationalUnitName = Type (eg, Staff) #1.organizationalUnitName_default = Staff -#userId = UID +#userId = UID commonName = Common Name (eg, YOUR name) commonName_default = $ENV::COMMON_NAME @@ -156,7 +148,7 @@ basicConstraints = CA:FALSE keyUsage = digitalSignature, keyEncipherment, keyAgreement subjectKeyIdentifier = hash authorityKeyIdentifier = keyid, issuer:always -subjectAltName = email:$ENV::COMMON_NAME +subjectAltName = email:$ENV::COMMON_NAME #authorityInfoAccess = OCSP;URI:http://ocsp.strongswan.org:8880 crlDistributionPoints = URI:http://crl.strongswan.org/strongswan_ec.crl |