aboutsummaryrefslogtreecommitdiff
path: root/apps/openssl.cnf
AgeCommit message (Collapse)AuthorFilesLines
2009-04-04Updates from 1.0.0-stableDr. Stephen Henson1-3/+3
2006-11-07Don't add the TS EKU by default in openssl.cnf because it thenDr. Stephen Henson1-1/+1
makes certificates genereated by ca, CA.pl etc useless for anything else.
2006-05-07Add support for default public key digest type ctrl.Dr. Stephen Henson1-1/+1
2006-02-12RFC 3161 compliant time stamp request creation, response generationUlf Möller1-1/+39
and response verification. Submitted by: Zoltan Glozik <zglozik@opentsa.org> Reviewed by: Ulf Moeller
2005-09-16Change openssl.cnf to use UTF8Strings by default and not always include issuerDr. Stephen Henson1-6/+5
and serial versions of AKID.
2005-04-02use SHA-1 as the default digest for the apps/openssl commandsNils Larsch1-1/+1
2004-12-28Add functionality needed to process proxy certificates.Richard Levitte1-0/+53
2003-06-19Implement CRL numbers.Richard Levitte1-0/+3
Contributed in whole by Laurent Genier <Laurent.Genier@intrinsec.com> PR: 644
2003-04-03Make it possible to have multiple active certificates with the sameRichard Levitte1-0/+2
subject.
2001-04-11Show an example of moving the emailAddress object from the subkect DNRichard Levitte1-0/+3
to subjectAltName when signing a certificate.
2001-03-16Add copy_extensions option to 'ca' utility.Dr. Stephen Henson1-0/+3
2001-03-15Add 'align' option to nameopt.Dr. Stephen Henson1-0/+5
Add default values for display by the 'ca' utility to openssl.cnf Update docs.
2001-03-04increase emailAddress_maxBodo Möller1-1/+1
2000-01-06Initial automation changes to 'req' and X509_ATTRIBUTE functions.Dr. Stephen Henson1-4/+3
2000-01-01Fix some of the command line password stuff. New functionDr. Stephen Henson1-1/+3
that can automatically determine the type of a DER encoded "traditional" format private key and change some of the d2i functions to use it instead of requiring the application to work out the key type.
1999-12-24Allow passwords to be included on command line for a fewDr. Stephen Henson1-0/+7
more utilities.
1999-10-27Continued multibyte character support.Dr. Stephen Henson1-0/+11
Add a bunch of functions to simplify the creation of X509_NAME structures. Change the X509_NAME_entry_add stuff in req/ca so it no longer uses X509_NAME_entry_count(): passing -1 has the same effect.
1999-08-25Allow extensions to be added to certificate requests, update the sampleDr. Stephen Henson1-3/+14
config file (change RAW to DER).
1999-08-08consistent styleRalf S. Engelschall1-1/+1
1999-05-19Include some notes on basic extension usage and change openssl.cnf to usuallyDr. Stephen Henson1-19/+27
do sensible things with extensions.
1999-05-17Rename "openssl x509" option "-config" to "-extfile", because itBodo Möller1-1/+1
doesn't have a default value like the "-config" options of other openssl subprograms.
1999-05-16Added a comment pointing out the behaviour of "openssl x509 -conf ...",Bodo Möller1-0/+7
which cost me some time to find out about.
1999-03-06Added support for adding extensions to CRLs, also fix a memory leak andDr. Stephen Henson1-0/+9
make 'req' check the config file syntax before it adds extensions. Added info in the documentation as well.
1999-02-23Redo the way 'req' and 'ca' add objects: add support for oid_section.Dr. Stephen Henson1-1/+10
1999-02-21Add more functionality to issuer alt name and subject alt name. New optionsDr. Stephen Henson1-0/+12
to include email addresses from DN and copy details from issuer certificate. Include examples in openssl.cnf, update Win32 ordinals.
1999-02-17Oops! Remeber to include the other patches this time...Dr. Stephen Henson1-0/+6
1999-02-14Add support for raw extensions. This means that you can include the DER encodingDr. Stephen Henson1-0/+5
of an arbitrary extension: e.g. 1.3.4.5=critical,RAW:12:34:56 Using this technique currently unsupported extensions can be generated if you know their DER encoding. Even if the extension is supported in future the raw extension will still work: that is the raw version can always be used even if it is a supported extension.
1999-02-10More extension code. Incomplete support for subject and issuer altDr. Stephen Henson1-0/+5
name, issuer and authority key id. Change the i2v function parameters and add an extra 'crl' parameter in the X509V3_CTX structure: guess what that's for :-) Fix to ASN1 macro which messed up IMPLICIT tag and add f_enum.c which adds a2i, i2a for ENUMERATED.
1999-01-26Still more X509 V3 stuff. Modify ca.c to work with the new code and modifyDr. Stephen Henson1-11/+36
openssl.cnf for the new syntax.
1999-01-25More X509 V3 stuff. Add support for extensions in the 'req' applicationDr. Stephen Henson1-0/+9
so that: openssl req -x509 -new -out cert.pem will take extensions from openssl.cnf a sample for a CA is included. Also change the directory order so pem is nearer the end. Otherwise 'make links' wont work because pem.h can't be built.
1999-01-02First cut of a cleanup for apps/. First the `ssleay' program is now namedRalf S. Engelschall1-3/+3
`openssl' and second, the shortcut symlinks for the `openssl <command>' are no longer created. This way we have a single and consistent command line interface `openssl <command>', similar to `cvs <command>'. Notice, the openssl.cnf, openssl.c and progs.pl files were changed after a repository copy, i.e. they still contain the complete file history.
1998-12-21Import of old SSLeay release: SSLeay 0.9.1b (unreleased)SSLeayRalf S. Engelschall1-0/+3
1998-12-21Import of old SSLeay release: SSLeay 0.8.1bRalf S. Engelschall1-0/+116
generated by cgit v1.1 at 2024-08-11 05:17:23 +0000