Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (83)
EC Keys (2389)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (6528)
Revoked Certificates (16)
Root CA (85)
RSA Keys (5270)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
OpenSSL "policy" Options for "ca" Command
What are policy options in the configuration file for the OpenSSL "ca" command?
✍: FYIcenter.com
Policy options in the configuration file are used by the OpenSSL "ca" command for 2 purposes:
Policy options must provided in a named section, like [my_ca_policy], in the configuration file. Then you can:
A policy option is defined with the DN field name and one of 3 possible values: "optional" - value not required for this DN field, "supplied" - value required for this DN field, "match" - value must match between subject and issuer.
Below is a good example of policy option section. It requires only the "commonName" field to have value. And "commonName" will be listed as the first field in the subject.
# section for DN field validation and order [my_ca_policy] commonName = supplied countryName = optional stateOrProvinceName = optional localityName = optional organizationName = optional organizationalUnitName = optional emailAddress = optional
⇒ Simple Working Configuration File for OpenSSL "ca"
2016-09-04, 4423👍, 0💬
Popular Posts:
How to generate self-signed certificate with getacert.com? Is it free? Generating a self-signed cert...
Certificate summary - Owner: moz.com, Terms of use at www.verisign.com/rpa (c)05, "SEOmoz, Inc", L=S...
How to export a keystore entry with Portecle? To export a keystore entry: Right-click on the keystor...
How to get a list of extended options supported by the "makecert.exe" command? I want to know more o...
Certificate Summary: Subject: *.google.com Issuer: Google Internet Authority G2 Expiration: 2015-12-...