Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (71)
EC Keys (2095)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (6022)
Revoked Certificates (16)
Root CA (85)
RSA Keys (4917)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
OpenSSL "policy" Options for "ca" Command
What are policy options in the configuration file for the OpenSSL "ca" command?
✍: FYIcenter.com
Policy options in the configuration file are used by the OpenSSL "ca" command
for 2 purposes:
Policy options must provided in a named section, like [my_ca_policy], in the configuration file. Then you can:
A policy option is defined with the DN field name and one of 3 possible values: "optional" - value not required for this DN field, "supplied" - value required for this DN field, "match" - value must match between subject and issuer.
Below is a good example of policy option section. It requires only the "commonName" field to have value. And "commonName" will be listed as the first field in the subject.
# section for DN field validation and order [my_ca_policy] commonName = supplied countryName = optional stateOrProvinceName = optional localityName = optional organizationName = optional organizationalUnitName = optional emailAddress = optional
⇒ Simple Working Configuration File for OpenSSL "ca"
2016-09-04, 4038👍, 0💬
Popular Posts:
How to generate a CRL using the OpenSSL "ca" command? I need to publish the CRL to inform users abou...
Certificate summary - Owner: VeriSign Class 3 Public Primary Certification Authority - G5, "(c) 2006...
Certificate Summary: Subject: Go Daddy Class 2 Certification Authority Issuer: Go Daddy Class 2 Cert...
How to import a certificates to a system certificate store using "certmgr.exe" tool? You can import ...
Certificate summary - Owner: Entrust Root Certification Authority - G2, "(c) 2009 Entrust, Inc. - fo...