net/data/ssl/certificates/openssl_ca.cnf - Issue 4646001: Implement LoadTemporaryRoot for Windows

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: net/data/ssl/certificates/openssl_ca.cnf

Issue 4646001: Implement LoadTemporaryRoot for Windows (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/net/base

Patch Set: New Win method & unittests Created 10 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
(Empty)
	1 [ca]

	2 default_ca = CA_root

	3

	4 # The default test root, used to generate certificates and CRLs.

	5 [CA_root]

	6 dir = ./root_ca

	7 database = $dir/index.txt

	8 new_certs_dir = $dir/newcerts

	9 serial = $dir/serial

	10 certificate = $dir/cacert.pem

	11 private_key = $dir/private/cacert.key

	12 RANDFILE = $dir/private/.rand

	13

	14 default_days = 365

	15 default_crl_days = 30

	16 default_md = sha1

	17 policy = policy_anything

	18

	19 [user_cert]

	20 # Extensions to add when signing a request for an EE cert

	21 basicConstraints = CA:false

	22 subjectKeyIdentifier = hash

	23 authorityKeyIdentifier = keyid,issuer:always
	wtc 2010/11/23 00:30:11 We probably should not include 'issuer'. Having ' We probably should not include 'issuer'. Having 'keyid' should be enough. This comment also applies to lines 29 and 33 below in the ca_cert and crl_extensions sections. I suggest looking at certificates and CRLs issued by a real CA such as VeriSign as examples.
	24

	25 [ca_cert]

	26 # Extensions to add when signing a request for an intermediate/CA cert

	27 basicConstraints = CA:true

	28 subjectKeyIdentifier = hash

	29 authorityKeyIdentifier = keyid,issuer:always

	30

	31 [crl_extensions]

	32 # Extensions to add when signing a CRL

	33 authorityKeyIdentifier = keyid:always,issuer:always

	34

	35 [policy_anything]

	36 countryName = optional

	37 stateOrProvinceName = optional

	38 localityName = optional

	39 organizationName = optional

	40 organizationalUnitName = optional

	41 commonName = supplied

	42 emailAddress = optional

OLD	NEW