| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | # $NetBSD: pkgsrc.cnf,v 1.2 2009/02/02 12:49:16 joerg Exp $ | | 1 | # $NetBSD: pkgsrc.cnf,v 1.3 2021/05/17 15:38:55 martin Exp $ |
2 | # | | 2 | # |
3 | # OpenSSL sample configuration file for use by pkgsrc.sh | | 3 | # OpenSSL sample configuration file for use by pkgsrc.sh |
4 | # | | 4 | # |
5 | | | 5 | |
6 | # This definition stops the following lines choking if HOME isn't | | 6 | # This definition stops the following lines choking if HOME isn't |
7 | # defined. | | 7 | # defined. |
8 | HOME = . | | 8 | HOME = . |
9 | RANDFILE = $ENV::HOME/.rnd | | 9 | RANDFILE = $ENV::HOME/.rnd |
10 | | | 10 | |
11 | #################################################################### | | 11 | #################################################################### |
12 | [ ca ] | | 12 | [ ca ] |
13 | default_ca = CA_default # The default ca section | | 13 | default_ca = CA_default # The default ca section |
14 | | | 14 | |
| @@ -67,29 +67,28 @@ emailAddress = optional | | | @@ -67,29 +67,28 @@ emailAddress = optional |
67 | # At this point in time, you must list all acceptable 'object' | | 67 | # At this point in time, you must list all acceptable 'object' |
68 | # types. | | 68 | # types. |
69 | [ policy_anything ] | | 69 | [ policy_anything ] |
70 | countryName = optional | | 70 | countryName = optional |
71 | stateOrProvinceName = optional | | 71 | stateOrProvinceName = optional |
72 | localityName = optional | | 72 | localityName = optional |
73 | organizationName = optional | | 73 | organizationName = optional |
74 | organizationalUnitName = optional | | 74 | organizationalUnitName = optional |
75 | commonName = supplied | | 75 | commonName = supplied |
76 | emailAddress = optional | | 76 | emailAddress = optional |
77 | | | 77 | |
78 | #################################################################### | | 78 | #################################################################### |
79 | [ req ] | | 79 | [ req ] |
80 | default_bits = 2048 | | 80 | default_bits = 4096 |
81 | default_keyfile = privkey.pem | | 81 | default_keyfile = privkey.pem |
82 | default_md = sha1 | | | |
83 | distinguished_name = req_distinguished_name | | 82 | distinguished_name = req_distinguished_name |
84 | x509_extensions = v3_ca # The extentions to add to the self signed cert | | 83 | x509_extensions = v3_ca # The extentions to add to the self signed cert |
85 | | | 84 | |
86 | string_mask = utf8only | | 85 | string_mask = utf8only |
87 | | | 86 | |
88 | [ req_distinguished_name ] | | 87 | [ req_distinguished_name ] |
89 | countryName = Country Name (2 letter code) | | 88 | countryName = Country Name (2 letter code) |
90 | countryName_default = AU | | 89 | countryName_default = AU |
91 | countryName_min = 2 | | 90 | countryName_min = 2 |
92 | countryName_max = 2 | | 91 | countryName_max = 2 |
93 | | | 92 | |
94 | stateOrProvinceName = State or Province Name (full name) | | 93 | stateOrProvinceName = State or Province Name (full name) |
95 | stateOrProvinceName_default = Some-State | | 94 | stateOrProvinceName_default = Some-State |