diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2009-04-04 19:54:06 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2009-04-04 19:54:06 +0000 |
commit | 06ddf8eb08af58e00032a5f8d381d837b82fa644 (patch) | |
tree | 581fedb7f7a0bad6cb721905ebbc42d0c5086ca1 /apps/openssl.cnf | |
parent | 71fca64d96003e2683eec65dab4df124a642431b (diff) |
Updates from 1.0.0-stable
Diffstat (limited to 'apps/openssl.cnf')
-rw-r--r-- | apps/openssl.cnf | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/apps/openssl.cnf b/apps/openssl.cnf index 7bcaa53ede..9d2cd5bfa5 100644 --- a/apps/openssl.cnf +++ b/apps/openssl.cnf @@ -231,7 +231,7 @@ keyUsage = nonRepudiation, digitalSignature, keyEncipherment subjectKeyIdentifier=hash -authorityKeyIdentifier=keyid:always,issuer:always +authorityKeyIdentifier=keyid:always,issuer # This is what PKIX recommends but some broken software chokes on critical # extensions. @@ -264,7 +264,7 @@ basicConstraints = CA:true # Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. # issuerAltName=issuer:copy -authorityKeyIdentifier=keyid:always,issuer:always +authorityKeyIdentifier=keyid:always [ proxy_cert_ext ] # These extensions should be added when creating a proxy certificate @@ -297,7 +297,7 @@ nsComment = "OpenSSL Generated Certificate" # PKIX recommendations harmless if included in all certificates. subjectKeyIdentifier=hash -authorityKeyIdentifier=keyid,issuer:always +authorityKeyIdentifier=keyid,issuer # This stuff is for subjectAltName and issuerAltname. # Import the email address. |