openssl/test/Uss.cnf
Dr. Matthias St. Pierre 23f3993127 Remove RANDFILE settings from configuration files
OpenSSL 1.1.1 introduced a new CSPRNG with an improved seeding
mechanism, which makes it dispensable to define a RANDFILE for
saving and restoring randomness. This commit removes the RANDFILE
declarations from our own configuration files and adds documentation
that this option is not needed anymore and retained mainly for
compatibility reasons.

Fixes #10433

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10436)
2019-11-24 08:35:14 +01:00

41 lines
999 B
INI

#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
CN2 = Brother 2
####################################################################
[ req ]
default_bits = 2048
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
default_md = sha256
prompt = no
[ req_distinguished_name ]
countryName = AU
organizationName = Dodgy Brothers
0.commonName = Brother 1
1.commonName = $ENV::CN2
[ v3_ee ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
basicConstraints = CA:false
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ v3_ee_dsa ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always
basicConstraints = CA:false
keyUsage = nonRepudiation, digitalSignature
[ v3_ee_ec ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always
basicConstraints = CA:false
keyUsage = nonRepudiation, digitalSignature, keyAgreement