
Sun Microsystems 5.1.1 User Manual


Chapter 4

Section 4.4

Operating SSL

Using the OpenSSL Utility

HTTPS eWay Adapter User’s Guide


Sun Microsystems, Inc.

# This is mostly being used for generation of certificate requests.
#

# Global (section-less) setting: file the openssl utility uses for random seed data.
# ".rnd" is a relative path, so it resolves against whatever directory the
# command is run from.
RANDFILE = .rnd

####################################################################
[ ca ]
# The default ca section: names the section that holds the CA settings.
default_ca = CA_default

####################################################################
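[ CA_default ]

# Where everything is kept.
# Backslash is the escape character in OpenSSL config values, so every
# Windows path separator is written "\\". The printed listing had "\\\bin"
# here; the extra backslash would turn "\b" into an escape sequence instead
# of the start of "bin".
dir = G:\\openssl\\bin\\demoCA

# Where the issued certs are kept
certs = $dir\\certs

# Where the issued crl are kept
crl_dir = $dir\\crl

# database index file.
database = $dir\\index.txt

# default place for new certs.
new_certs_dir = $dir\\newcerts

# The CA certificate
certificate = $dir\\cacert.pem

# The current serial number
serial = $dir\\serial

# The current CRL
crl = $dir\\crl.pem

# The CA private key. Anyone who can read this file can issue certificates
# as this CA, so restrict the "private" directory to the account that runs it.
private_key = $dir\\private\\cakey.pem

# private random number file
RANDFILE = $dir\\private\\private.rnd

# The extensions to add to the cert (name of a section not shown on this page)
x509_extensions = x509v3_extensions

# how long to certify for (days)
default_days = 365

# how long before next CRL (days)
default_crl_days = 30

# which md to use.
# NOTE(review): the manual's listing set this to md5. MD5 is collision-broken
# and certificates signed with it are widely rejected by current TLS clients,
# so sha256 is used here; it requires an OpenSSL build that provides SHA-256.
default_md = sha256

# keep passed DN ordering
preserve = no

# A few different ways of specifying how similar the request should look.
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)

# For the CA policy
policy = policy_match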
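[ policy_match ]
# Policy applied to the subject fields of each certificate request:
#   match    - the field must equal the same field in the CA certificate
#   supplied - the field must be present in the request
#   optional - the field may be present
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional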

# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
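[ policy_anything ]
# Permissive policy: only commonName has to be present in the request; no
# field is compared against the CA certificate. Selecting this policy means
# the CA places no constraint on the organisation or country a requester
# claims, so those values must be vetted by other means before signing.
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional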

####################################################################
[ req ]
# Settings for generating certificate requests. The section may continue
# beyond the end of this page.
# NOTE(review): 1024-bit keys (RSA by default) are below current minimum
# recommendations of 2048 bits or more; raise this before generating new keys.
default_bits= 1024
# Default file the newly generated private key is written to. The path is
# relative, so the key lands in the working directory - restrict access to it.
default_keyfile = privkey.pem
# Name of the section that defines the distinguished-name fields (not shown on this page).
distinguished_name= req_distinguished_name
# Name of the section that defines request attributes (not shown on this page).
attributes= req_attributes