Modification for production
This commit is contained in:
root
parent
4d1918a530
commit
e2173a7d44
6 changed files with 40 additions and 18 deletions
|
|
@ -39,7 +39,7 @@ default_ca = CA_default # The default ca section
|
|||
####################################################################
|
||||
[ CA_default ]
|
||||
|
||||
dir = fic_pki #DIR # Where everything is kept
|
||||
dir = /srv/fic2014-server/misc//pki #DIR # Where everything is kept
|
||||
certs = $dir/certs # Where the issued certs are kept
|
||||
crl_dir = $dir/crl # Where the issued crl are kept
|
||||
database = $dir/index.txt # database index file.
|
||||
|
|
@ -147,7 +147,7 @@ organizationalUnitName = Organizational Unit Name (eg, section)
|
|||
organizationalUnitName_default = SRS
|
||||
|
||||
commonName = Common Name (e.g. server FQDN or YOUR name)
|
||||
commonName_default = toto#COMMONNAME
|
||||
commonName_default = FIC2014 Server #COMMONNAME
|
||||
commonName_max = 64
|
||||
|
||||
emailAddress = Email Address
|
||||
|
|
@ -176,7 +176,7 @@ basicConstraints=CA:FALSE
|
|||
# the certificate can be used for anything *except* object signing.
|
||||
|
||||
# This is OK for an SSL server.
|
||||
nsCertType = client #CERTTYPE
|
||||
nsCertType = server #CERTTYPE
|
||||
|
||||
# For an object signing certificate this would be used.
|
||||
# nsCertType = objsign
|
||||
|
|
|
|||
Reference in a new issue