Age | Commit message (Collapse) | Author | |
---|---|---|---|
2011-12-06 | The default CN prompt message can be confusing when often the CN needs to | Dr. Stephen Henson | |
be the server FQDN: change it. [Reported by PSW Group] | |||
2009-04-04 | Change default openssl.cnf to only use issuer+serial option in AKID if no | Dr. Stephen Henson | |
SKID. | |||
2006-11-07 | Don't add the TS EKU by default in openssl.cnf because it then | Dr. Stephen Henson | |
makes certificates genereated by ca, CA.pl etc useless for anything else. | |||
2006-05-07 | Add support for default public key digest type ctrl. | Dr. Stephen Henson | |
2006-02-12 | RFC 3161 compliant time stamp request creation, response generation | Ulf Möller | |
and response verification. Submitted by: Zoltan Glozik <zglozik@opentsa.org> Reviewed by: Ulf Moeller | |||
2005-09-16 | Change openssl.cnf to use UTF8Strings by default and not always include issuer | Dr. Stephen Henson | |
and serial versions of AKID. | |||
2005-04-02 | use SHA-1 as the default digest for the apps/openssl commands | Nils Larsch | |
2004-12-28 | Add functionality needed to process proxy certificates. | Richard Levitte | |
2003-06-19 | Implement CRL numbers. | Richard Levitte | |
Contributed in whole by Laurent Genier <Laurent.Genier@intrinsec.com> PR: 644 | |||
2003-04-03 | Make it possible to have multiple active certificates with the same | Richard Levitte | |
subject. | |||
2001-04-11 | Show an example of moving the emailAddress object from the subkect DN | Richard Levitte | |
to subjectAltName when signing a certificate. | |||
2001-03-16 | Add copy_extensions option to 'ca' utility. | Dr. Stephen Henson | |
2001-03-15 | Add 'align' option to nameopt. | Dr. Stephen Henson | |
Add default values for display by the 'ca' utility to openssl.cnf Update docs. | |||
2001-03-04 | increase emailAddress_max | Bodo Möller | |
2000-01-06 | Initial automation changes to 'req' and X509_ATTRIBUTE functions. | Dr. Stephen Henson | |
2000-01-01 | Fix some of the command line password stuff. New function | Dr. Stephen Henson | |
that can automatically determine the type of a DER encoded "traditional" format private key and change some of the d2i functions to use it instead of requiring the application to work out the key type. | |||
1999-12-24 | Allow passwords to be included on command line for a few | Dr. Stephen Henson | |
more utilities. | |||
1999-10-27 | Continued multibyte character support. | Dr. Stephen Henson | |
Add a bunch of functions to simplify the creation of X509_NAME structures. Change the X509_NAME_entry_add stuff in req/ca so it no longer uses X509_NAME_entry_count(): passing -1 has the same effect. | |||
1999-08-25 | Allow extensions to be added to certificate requests, update the sample | Dr. Stephen Henson | |
config file (change RAW to DER). | |||
1999-08-08 | consistent style | Ralf S. Engelschall | |
1999-05-19 | Include some notes on basic extension usage and change openssl.cnf to usually | Dr. Stephen Henson | |
do sensible things with extensions. | |||
1999-05-17 | Rename "openssl x509" option "-config" to "-extfile", because it | Bodo Möller | |
doesn't have a default value like the "-config" options of other openssl subprograms. | |||
1999-05-16 | Added a comment pointing out the behaviour of "openssl x509 -conf ...", | Bodo Möller | |
which cost me some time to find out about. | |||
1999-03-06 | Added support for adding extensions to CRLs, also fix a memory leak and | Dr. Stephen Henson | |
make 'req' check the config file syntax before it adds extensions. Added info in the documentation as well. | |||
1999-02-23 | Redo the way 'req' and 'ca' add objects: add support for oid_section. | Dr. Stephen Henson | |
1999-02-21 | Add more functionality to issuer alt name and subject alt name. New options | Dr. Stephen Henson | |
to include email addresses from DN and copy details from issuer certificate. Include examples in openssl.cnf, update Win32 ordinals. | |||
1999-02-17 | Oops! Remeber to include the other patches this time... | Dr. Stephen Henson | |
1999-02-14 | Add support for raw extensions. This means that you can include the DER encoding | Dr. Stephen Henson | |
of an arbitrary extension: e.g. 1.3.4.5=critical,RAW:12:34:56 Using this technique currently unsupported extensions can be generated if you know their DER encoding. Even if the extension is supported in future the raw extension will still work: that is the raw version can always be used even if it is a supported extension. | |||
1999-02-10 | More extension code. Incomplete support for subject and issuer alt | Dr. Stephen Henson | |
name, issuer and authority key id. Change the i2v function parameters and add an extra 'crl' parameter in the X509V3_CTX structure: guess what that's for :-) Fix to ASN1 macro which messed up IMPLICIT tag and add f_enum.c which adds a2i, i2a for ENUMERATED. | |||
1999-01-26 | Still more X509 V3 stuff. Modify ca.c to work with the new code and modify | Dr. Stephen Henson | |
openssl.cnf for the new syntax. | |||
1999-01-25 | More X509 V3 stuff. Add support for extensions in the 'req' application | Dr. Stephen Henson | |
so that: openssl req -x509 -new -out cert.pem will take extensions from openssl.cnf a sample for a CA is included. Also change the directory order so pem is nearer the end. Otherwise 'make links' wont work because pem.h can't be built. | |||
1999-01-02 | First cut of a cleanup for apps/. First the `ssleay' program is now named | Ralf S. Engelschall | |
`openssl' and second, the shortcut symlinks for the `openssl <command>' are no longer created. This way we have a single and consistent command line interface `openssl <command>', similar to `cvs <command>'. Notice, the openssl.cnf, openssl.c and progs.pl files were changed after a repository copy, i.e. they still contain the complete file history. | |||
1998-12-21 | Import of old SSLeay release: SSLeay 0.9.1b (unreleased)SSLeay | Ralf S. Engelschall | |
1998-12-21 | Import of old SSLeay release: SSLeay 0.8.1b | Ralf S. Engelschall | |