mirror of
https://github.com/openssl/openssl.git
synced 2024-12-09 05:51:54 +08:00
23f3993127
OpenSSL 1.1.1 introduced a new CSPRNG with an improved seeding mechanism, which makes it dispensable to define a RANDFILE for saving and restoring randomness. This commit removes the RANDFILE declarations from our own configuration files and adds documentation that this option is not needed anymore and retained mainly for compatibility reasons. Fixes #10433 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10436)
36 lines
980 B
INI
36 lines
980 B
INI
#
|
|
# SSLeay example configuration file.
|
|
# This is mostly being used for generation of certificate requests.
|
|
#
|
|
|
|
####################################################################
|
|
[ req ]
|
|
default_bits = 2048
|
|
default_keyfile = keySS.pem
|
|
distinguished_name = req_distinguished_name
|
|
encrypt_rsa_key = no
|
|
default_md = sha256
|
|
|
|
[ req_distinguished_name ]
|
|
countryName = Country Name (2 letter code)
|
|
countryName_default = AU
|
|
countryName_value = AU
|
|
|
|
organizationName = Organization Name (eg, company)
|
|
organizationName_value = Dodgy Brothers
|
|
|
|
0.commonName = Common Name (eg, YOUR name)
|
|
0.commonName_value = Brother 1
|
|
|
|
1.commonName = Common Name (eg, YOUR name)
|
|
1.commonName_value = Brother 2
|
|
|
|
2.commonName = Common Name (eg, YOUR name)
|
|
2.commonName_value = Proxy 1
|
|
|
|
[ v3_proxy ]
|
|
basicConstraints=CA:FALSE
|
|
subjectKeyIdentifier=hash
|
|
authorityKeyIdentifier=keyid,issuer:always
|
|
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB
|