[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: CA Issues





Hi this is the contents of the file openssl.cnf as I have typed it:
 
#-------Begin---------
#
#OpenSSL configuration file.
[ ca ]
default_ca = CA_default
[ CA_default ]
dir= /root/CA
serial = $dir/serial
database = $dir/index.txt
new_certs_dir = $dir/newcerts
certificate = $dir/cacert.pem
private_key = $dir/private/cakey.pem
default_days               = 365
default_md                 = md5
preserve                   = no
email_in_dn     = no
nameopt      = default_ca
certopt      = default_ca
policy       = policy_match
 
[ policy_match ]
countryName                = match
stateOrProvinceName        = match
organizationName           = match
organizationalUnitName     = optional
commonName                 = supplied
emailAddress               = optional
 
[ req ]
default_bits = 1024 # Size of keys
default_keyfile = key.pem # name of generated keys
default_md = md5 # message digest algorithm
string_mask = nombstr # permitted characters 
distinguished_name = req_distinguished_name
req_extensions     = v3_req
[ req_distinguished_name ]
# Variable name          Prompt string
#---------------------  -------------------------------
O.organizationName      = Organization Name (company)
organizationalUnitName  = Organizational Unit Name (department, division)
emailAddress            = Email Address
emailAddress_max= 40
localityName            = Locality Name (city, district)
stateOrProvinceName     = State or Province Name (full name)
countryName             = Country Name (2 letter code)
countryName_min         = 2
countryName_max         = 2
commonName              = Common Name (hostname, IP, or your name)
commonName_max          = 64
# Default values for the above info
# Variable name                Value
#--------------------          -------------------------
O.organizationName_default     = Paddys Computer Services
localityName_default         = New Zealand
stateOrProvinceName_default  = Timaru
countryName_default          = NZ
[ v3_ca ]
basicConstraints = CA: TRUE
subjectKeyIdentifier   = hash
authorityKeyIdentifier = keyid:always,issuer:always
[ v3_req ]
basicConstraints= CA: FALSE
subjectKeyIdentifier = hash
 
#-------End-------
 
 
All the directories and files exist   


> From: chris-usenet@roaima.co.uk
> Subject: Re: CA Issues
> Date: Fri, 28 Oct 2011 16:16:46 +0100
> To: debian-user@lists.debian.org
> 
> Paddy Tollan <ptollan@hotmail.com> wrote:
> > first sorry for the HTML the output from the output of ls -l /root/CA/* is
> [...]
> > -rw-r--r-- 1 root root 2110 openssl.cnf
> 
> 
> It seems that your keyboard has run out of fullstops and commas. Can
> I please suggest that you get it filled up again, so that your writing
> becomes easier to understand.
> 
> That's not the openssl.cnf available following instructions at
> http://www.eclectica.ca/howto/ssl-cert-howto.php#summy for download at
> ftp://ftp.binarytool.com/pub/linux/ssl/openssl.cnf. Even if you have
> copied and pasted, and included the (invalid) Begin/End labels, that
> should still be only 1932 bytes.
> 
> Can you tell us how you have customised it?
> 
> Cheers,
> Chris
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] tjtqn8x18g.ln2@news.roaima.co.uk">http://lists.debian.org/[🔎] tjtqn8x18g.ln2@news.roaima.co.uk
>  		 	   		  

Reply to: