mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-15 06:01:37 +08:00
Code Issues Packages Projects Releases Wiki Activity
c90451d89d
openssl/test/ocsp-tests/ca.cnf

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

35 lines
970 B
Plaintext
Raw Normal View History

s_server: test ocsp with "-cert_chain" Add a test to exercise the use of s_server with "-cert_chain" to construct an ocsp request. This new functionality was added in PR #22192. Testing: make V=1 TESTS='test_ocsp_cert_chain' test Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23101)
2023-12-20 13:15:17 +08:00
HOME = .
default_ca = ca
config_diagnostics = 1
####################################################################
[ req ]
x509_extensions = v3_ca
####################################################################
[ usr_cert ]
basicConstraints = critical, CA:FALSE
keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
subjectKeyIdentifier = hash
##authorityInfoAccess = OCSP;URI:http://127.0.0.1:19254/ocsp
# we do not include aia in the cert.
# we use the s_server option "-status_url" to specify the url.
####################################################################
[ v3_ca ]
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always
basicConstraints = critical,CA:true
keyUsage = critical, cRLSign, keyCertSign
####################################################################
# Minimal CA entry to allow generation of CRLs.
[ ca ]
default_md = sha256
database = index.txt
crlnumber = crlnum.txt
Reference in New Issue Copy Permalink