Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (70)
EC Keys (968)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (3288)
Revoked Certificates (16)
Root CA (85)
RSA Keys (2635)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
OpenSSL [ca] Section in Configuration File
How to provide OpenSSL "ca" command options in the configuration file? I see examples of using the [ca] section.
✍: FYIcenter.com
Yes, you can use the [ca] section to help providing OpenSSL "ca" command options
in the configuration file. But there are 4 ways to provide "ca" command options:
1. Using unnamed section - You can put all "ca" command options in the unnamed section of the configuration file. You need to set "default_ca=empty" and keep [empty] empty. For example:
# Unnamed section of generic options ... # "ca" command options default_ca = empty default_md = md5 serial = ./my_ca/certs.seq new_certs_dir = ./my_ca/certs database = ./my_ca/certs.db ... # empty section [empty]
2. Using named default section - You can put all "ca" command options in a named section, like "[my_ca_default]", in the configuration file. Then you can set "default_ca=my_ca_default" in the unnamed section. For example:
# Unnamed section of generic options ... default_ca = my_ca_default # default section for "ca" command options [my_ca_default] default_md = md5 serial = ./my_ca/certs.seq new_certs_dir = ./my_ca/certs database = ./my_ca/certs.db ...
3. Using named default section and [ca] section - You can put all "ca" command options in a named section, like "[my_ca_default]", in the configuration file. Then you can set "default_ca=my_ca_default" in the [ca] section. For example:
# Unnamed section of generic options ... # section for the "default_ca" option [ca] default_ca = my_ca_default # default section for "ca" command options [my_ca_default] default_md = md5 serial = ./my_ca/certs.seq new_certs_dir = ./my_ca/certs database = ./my_ca/certs.db ...
4. Using named section used by the command line - You can put all "ca" command options in a named section, like "[my_ca_internal]", in the configuration file. Then you use "ca -name=my_ca_internal" command line to access them. For example:
# Unnamed section of generic options ... # section for the "default_ca" option [ca] default_ca = my_ca_default # default section for "ca" command options [my_ca_default] # section for "ca" command options for internal certificates [my_ca_internal] default_md = md5 serial = ./my_ca_internal/certs.seq new_certs_dir = ./my_ca_internal/certs database = ./my_ca_internal/certs.db ...
⇒ OpenSSL "ca" Error "lookup failed for ca::default_ca"
2016-09-09, 2169👍, 0💬
Popular Posts:
Certificate summary - Owner: *.mediafire.com, "MediaFire, LLC", L=Shenandoah, ST=Texas, US Issuer: T...
Certificate summary - Owner: Entrust Root Certification Authority, "(c) 2006 Entrust, Inc.", www.ent...
Certificate summary - Owner: EMAILADDRESS=eDell_Produ ction_Management@dell.co m,www.dell.com, IT, De...
How to download OpenSSL for Windows? I heard that OpenSSL is a nice free tool to manage keys and cer...
Certificate Summary: Subject: Deutsche Telekom Root CA 2 Issuer: Deutsche Telekom Root CA 2 Expirati...