forked from rpms/openssl
44abf9d002
- mention EVP_aes and EVP_sha2xx routines in the manpages - add README.FIPS - make CA dir absolute path (#445344) - change default length for RSA key generation to 2048 (#484101)
52 lines
1.8 KiB
Diff
52 lines
1.8 KiB
Diff
--- openssl-0.9.8a/apps/openssl.cnf.defaults 2005-09-16 14:20:24.000000000 +0200
|
|
+++ openssl-0.9.8a/apps/openssl.cnf 2005-11-04 11:00:37.000000000 +0100
|
|
@@ -99,7 +99,8 @@
|
|
####################################################################
|
|
[ req ]
|
|
-default_bits = 1024
|
|
+default_bits = 2048
|
|
+default_md = sha1
|
|
default_keyfile = privkey.pem
|
|
distinguished_name = req_distinguished_name
|
|
attributes = req_attributes
|
|
@@ -116,23 +117,26 @@
|
|
# MASK:XXXX a literal mask value.
|
|
# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
|
|
# so use this option with caution!
|
|
-string_mask = nombstr
|
|
+# we use PrintableString+UTF8String mask so if pure ASCII texts are used
|
|
+# the resulting certificates are compatible with Netscape
|
|
+string_mask = MASK:0x2002
|
|
|
|
# req_extensions = v3_req # The extensions to add to a certificate request
|
|
|
|
[ req_distinguished_name ]
|
|
countryName = Country Name (2 letter code)
|
|
-countryName_default = AU
|
|
+countryName_default = GB
|
|
countryName_min = 2
|
|
countryName_max = 2
|
|
|
|
stateOrProvinceName = State or Province Name (full name)
|
|
-stateOrProvinceName_default = Some-State
|
|
+stateOrProvinceName_default = Berkshire
|
|
|
|
localityName = Locality Name (eg, city)
|
|
+localityName_default = Newbury
|
|
|
|
0.organizationName = Organization Name (eg, company)
|
|
-0.organizationName_default = Internet Widgits Pty Ltd
|
|
+0.organizationName_default = My Company Ltd
|
|
|
|
# we can do this but it is not needed normally :-)
|
|
#1.organizationName = Second Organization Name (eg, company)
|
|
@@ -141,7 +145,7 @@
|
|
organizationalUnitName = Organizational Unit Name (eg, section)
|
|
#organizationalUnitName_default =
|
|
|
|
-commonName = Common Name (eg, YOUR name)
|
|
+commonName = Common Name (eg, your name or your server\'s hostname)
|
|
commonName_max = 64
|
|
|
|
emailAddress = Email Address
|