Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (70)
EC Keys (914)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (3180)
Revoked Certificates (16)
Root CA (85)
RSA Keys (2556)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
OpenSSL "policy" Options for "ca" Command
What are policy options in the configuration file for the OpenSSL "ca" command?
✍: FYIcenter.com
Policy options in the configuration file are used by the OpenSSL "ca" command
for 2 purposes:
Policy options must provided in a named section, like [my_ca_policy], in the configuration file. Then you can:
A policy option is defined with the DN field name and one of 3 possible values: "optional" - value not required for this DN field, "supplied" - value required for this DN field, "match" - value must match between subject and issuer.
Below is a good example of policy option section. It requires only the "commonName" field to have value. And "commonName" will be listed as the first field in the subject.
# section for DN field validation and order [my_ca_policy] commonName = supplied countryName = optional stateOrProvinceName = optional localityName = optional organizationName = optional organizationalUnitName = optional emailAddress = optional
⇒ Simple Working Configuration File for OpenSSL "ca"
2016-09-04, 2862👍, 0💬
Popular Posts:
Where to find tutorials on using OpenSSL "ans1parse" command? Here is a collection of tutorials on u...
How to get a list of extended options supported by the "makecert.exe" command? I want to know more o...
How to view detailed information of a certificate in Firefox? I want to know in which country the ow...
What certificates are included in the Java 7 default trusted certificate keystore file: "cacerts"? F...
Certificate Summary: Subject: Entrust.net Secure Server Certification Authority Issuer: Entrust.net ...