![]() Tags activity trace AFFINITY alter amqsevt application application trace backup capacity planning certificate certificates change events Clients CLNTWGHT CLSSDRA clustering colour CORS create csv delete Display connections Elasticsearch Elliptic Curve Enclave events get GROUPS ispf java JMS JMX Kibana Liberty linux man pages MDB Midrange migration monitoring MQ mqconsole mq reason code mq reconnect MQCNO mqstrerror mqweb offload messages openssl OSGI PCF PDS PDSE performance put Python RACF reconnection rest RSA scalability self signed server setmqaut Shared queue SMF SSLCIPH statistics su. KeyUsage = nonRepudiation, digitalSignature, keyEncipherment KeyUsage = digitalSignature, keyEncipherment OrganizationalUnitName_default = Server Research DepartmentĪuthorityKeyIdentifier = keyid:always, issuer ![]() OrganizationalUnitName = Organizational Unit (eg, division) OrganizationName = Organization Name (eg, company) StateOrProvinceName = State or Province Name (full name) # several certificates with same subject.ĭistinguished_name = ca_distinguished_nameĬountryName = Country Name (2 letter code) Unique_subject = no # Set to ‘no’ to allow creation of Serial = $base_dir/serial.txt # The current serial number New_certs_dir = $base_dir # Location for new certs after signingĭatabase = $base_dir/index.txt # Database index file Private_key = $base_dir/cakey.pem # The CA private key track-heap-objects -unhandled-rejectionsmode -use-bundled-ca, -use-openssl-ca -use-largepagesmode -v8-options -v8-pool-sizenum -watch. X509_extensions = ca_extensions # The extensions to add to the certĮmail_in_dn = no # Don’t concat the email in the DNĬopy_extensions = copy # Required to copy SANs from CSR to certĬertificate = $base_dir/cacert.pem # The CA certifcate ![]() ![]() Presumably the openssl x509 -req version has similar behaviors. Default_ca = CA_default # The default ca sectionĭefault_days = 1000 # How long to certify forĭefault_crl_days = 30 # How long before next CRLĭefault_md = sha256 # Use public key default MD For the openssl ca command the extensions are not copied from the CSR to the certificate unless they are included in the copyextensions list within the active configuration ( ). ![]()
0 Comments
Leave a Reply. |