Collections:
Other Resources:
OpenSSL "policy" Options for "ca" Command
What are policy options in the configuration file for the OpenSSL "ca" command?
✍: FYIcenter.com
Policy options in the configuration file are used by the OpenSSL "ca" command for 2 purposes:
Policy options must provided in a named section, like [my_ca_policy], in the configuration file. Then you can:
A policy option is defined with the DN field name and one of 3 possible values: "optional" - value not required for this DN field, "supplied" - value required for this DN field, "match" - value must match between subject and issuer.
Below is a good example of policy option section. It requires only the "commonName" field to have value. And "commonName" will be listed as the first field in the subject.
# section for DN field validation and order [my_ca_policy] commonName = supplied countryName = optional stateOrProvinceName = optional localityName = optional organizationName = optional organizationalUnitName = optional emailAddress = optional
⇒ Simple Working Configuration File for OpenSSL "ca"
2016-09-04, 4754🔥, 0💬
Popular Posts:
Certificate summary - Owner: ssl2921.cloudflare.com, "CloudFlare, Inc.", L=San Francisco, ST=CA, US ...
Certificate Summary: Subject: google.com Issuer: Google Internet Authority Expiration: 2013-06-07 19...
It is not always possible to submit a certificate request online to a certification authority (CA). ...
Certificate summary - Owner: *.creativecommons.org, Gandi Standard Wildcard SSL, Domain Control Vali...
Certificate Summary: Subject: Symantec Class 3 EV SSL CA - G3 Issuer: VeriSign Class 3 Public Primar...