summaryrefslogtreecommitdiffstats
path: root/apps/openssl-vms.cnf
diff options
context:
space:
mode:
Diffstat (limited to 'apps/openssl-vms.cnf')
-rw-r--r--apps/openssl-vms.cnf6
1 files changed, 3 insertions, 3 deletions
diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf
index 52ade56653..20ed61bc3e 100644
--- a/apps/openssl-vms.cnf
+++ b/apps/openssl-vms.cnf
@@ -231,7 +231,7 @@ keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always,issuer:always
+authorityKeyIdentifier=keyid:always,issuer
# This is what PKIX recommends but some broken software chokes on critical
# extensions.
@@ -264,7 +264,7 @@ basicConstraints = CA:true
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
+authorityKeyIdentifier=keyid:always
[ proxy_cert_ext ]
# These extensions should be added when creating a proxy certificate
@@ -297,7 +297,7 @@ nsComment = "OpenSSL Generated Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
+authorityKeyIdentifier=keyid,issuer
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-31 20:17:36 +0000