Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(184)

Side by Side Diff: net/data/ssl/scripts/redundant-ca.cnf

Issue 1557133002: Perform CRLSet evaluation during Path Building on Windows (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: More tests Created 4 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 CA_DIR = out 1 CA_DIR = out
2 2
3 [ca] 3 [ca]
4 default_ca = CA_root 4 default_ca = CA_root
5 preserve = yes 5 preserve = yes
6 6
7 # The default test root, used to generate certificates and CRLs. 7 # The default test root, used to generate certificates and CRLs.
8 [CA_root] 8 [CA_root]
9 dir = ${ENV::CA_DIR} 9 dir = ${ENV::CA_DIR}
10 database = ${dir}/${ENV::CERTIFICATE}-index.txt 10 database = ${dir}/${ENV::CERTIFICATE}-index.txt
(...skipping 12 matching lines...) Expand all
23 # Extensions to add when signing a request for an EE cert 23 # Extensions to add when signing a request for an EE cert
24 basicConstraints = critical, CA:false 24 basicConstraints = critical, CA:false
25 subjectKeyIdentifier = hash 25 subjectKeyIdentifier = hash
26 authorityKeyIdentifier = keyid:always 26 authorityKeyIdentifier = keyid:always
27 extendedKeyUsage = serverAuth,clientAuth 27 extendedKeyUsage = serverAuth,clientAuth
28 28
29 [ca_cert] 29 [ca_cert]
30 # Extensions to add when signing a request for an intermediate/CA cert 30 # Extensions to add when signing a request for an intermediate/CA cert
31 basicConstraints = critical, CA:true 31 basicConstraints = critical, CA:true
32 subjectKeyIdentifier = hash 32 subjectKeyIdentifier = hash
33 #authorityKeyIdentifier = keyid:always
34 keyUsage = critical, keyCertSign, cRLSign 33 keyUsage = critical, keyCertSign, cRLSign
35 34
35 [ca_cert_with_aki]
36 # Extensions to add when signing a request for an intermediate/CA cert
37 basicConstraints = critical, CA:true
38 subjectKeyIdentifier = hash
39 authorityKeyIdentifier = keyid:always
40 keyUsage = critical, keyCertSign, cRLSign
41
42
36 [crl_extensions] 43 [crl_extensions]
37 # Extensions to add when signing a CRL 44 # Extensions to add when signing a CRL
38 authorityKeyIdentifier = keyid:always 45 authorityKeyIdentifier = keyid:always
39 46
40 [policy_anything] 47 [policy_anything]
41 # Default signing policy 48 # Default signing policy
42 countryName = optional 49 countryName = optional
43 stateOrProvinceName = optional 50 stateOrProvinceName = optional
44 localityName = optional 51 localityName = optional
45 organizationName = optional 52 organizationName = optional
46 organizationalUnitName = optional 53 organizationalUnitName = optional
47 commonName = optional 54 commonName = optional
48 emailAddress = optional 55 emailAddress = optional
49 56
50 [req] 57 [req]
51 # The request section used to generate certificate requests. 58 # The request section used to generate certificate requests.
52 default_bits = 2048 59 default_bits = 2048
53 default_md = sha256 60 default_md = sha256
54 string_mask = utf8only 61 string_mask = utf8only
55 prompt = no 62 prompt = no
56 encrypt_key = no 63 encrypt_key = no
57 distinguished_name = req_env_dn 64 distinguished_name = req_env_dn
58 65
59 [req_env_dn] 66 [req_env_dn]
60 CN = ${ENV::CA_COMMON_NAME} 67 CN = ${ENV::CA_COMMON_NAME}
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698