v.licheni.net
/
stack
/
cam.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
allow CA public key renewal
[stack/cam.git]
/
cam
/
templates
/
openssl_config
diff --git
a/cam/templates/openssl_config
b/cam/templates/openssl_config
index
4583fca
..
383c454
100644
(file)
--- a/
cam/templates/openssl_config
+++ b/
cam/templates/openssl_config
@@
-1,10
+1,11
@@
-RANDFILE =
%(basedir)s
/.random
+RANDFILE =
${ENV::CAROOT}
/.random
[ ca ]
default_ca = CA_default
[ ca ]
default_ca = CA_default
+unique_subject = no
[ CA_default ]
[ CA_default ]
-dir =
%(basedir)s
+dir =
${ENV::CAROOT}
certs = $dir/public/certs
crl_dir = $dir/public/crl
crl = $dir/public/crl.pem
certs = $dir/public/certs
crl_dir = $dir/public/crl
crl = $dir/public/crl.pem
@@
-27,7
+28,7
@@
countryName = supplied
organizationName = supplied
organizationalUnitName = optional
commonName = supplied
organizationName = supplied
organizationalUnitName = optional
commonName = supplied
-emailAddress =
supplied
+emailAddress =
optional
[ policy_anything ]
countryName = optional
[ policy_anything ]
countryName = optional
@@
-56,9
+57,6
@@
organizationalUnitName_default = "%(ou)s"
commonName = Common Name
commonName_max = 64
commonName_default = "%(cn)s"
commonName = Common Name
commonName_max = 64
commonName_default = "%(cn)s"
-emailAddress = Email Address
-emailAddress_max = 60
-emailAddress_default = "%(email)s"
SET-ex3 = SET extension number 3
[ req_attributes ]
SET-ex3 = SET extension number 3
[ req_attributes ]
@@
-72,6
+70,8
@@
basicConstraints = critical, CA:true
keyUsage = cRLSign, keyCertSign
nsCertType = sslCA, emailCA, objCA
nsComment = "%(cn)s"
keyUsage = cRLSign, keyCertSign
nsCertType = sslCA, emailCA, objCA
nsComment = "%(cn)s"
-subjectAltName =
email:copy
+subjectAltName =
@ca_alt_name
issuerAltName = issuer:copy
issuerAltName = issuer:copy
+[ ca_alt_name ]
+email = "%(email)s"