mirror of
https://github.com/php/php-src.git
synced 2024-09-22 18:37:25 +00:00
17f6391bf8
Switch to SHA1, which match internal openssl hardcoded algo. In most case, won't even be noticed - priority on user input (default_md) - fallback on system config - fallback on this default value Recent system reject MD5 digest, noticed in bug36732.phpt failure. While SHA1 is better than MD5, SHA256 is recommenced, and defined as default algo in provided configuration on recent system (Fedora 21, RHEL-7, ...). But the idea is to keep in sync with openssl internal value for PHP internal value.
44 lines
1.2 KiB
INI
44 lines
1.2 KiB
INI
[ req ]
|
|
default_bits = 1024
|
|
default_keyfile = privkey.pem
|
|
distinguished_name = req_distinguished_name
|
|
attributes = req_attributes
|
|
x509_extensions = v3_ca # The extensions to add to the self signed cert
|
|
string_mask = MASK:4294967295
|
|
|
|
|
|
[ req_distinguished_name ]
|
|
countryName = Country Name (2 letter code)
|
|
countryName_default = AU
|
|
countryName_min = 2
|
|
countryName_max = 2
|
|
stateOrProvinceName = State or Province Name (full name)
|
|
stateOrProvinceName_default = Some-State
|
|
localityName = Locality Name (eg, city)
|
|
0.organizationName = Organization Name (eg, company)
|
|
0.organizationName_default = Internet Widgits Pty Ltd
|
|
organizationalUnitName = Organizational Unit Name (eg, section)
|
|
commonName = Common Name (eg, YOUR name)
|
|
commonName_max = 64
|
|
emailAddress = Email Address
|
|
emailAddress_max = 64
|
|
|
|
[ req_attributes ]
|
|
challengePassword = A challenge password
|
|
challengePassword_min = 4
|
|
challengePassword_max = 20
|
|
unstructuredName = An optional company name
|
|
|
|
[ v3_req ]
|
|
basicConstraints = CA:FALSE
|
|
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
|
|
|
[ v3_ca ]
|
|
subjectKeyIdentifier=hash
|
|
authorityKeyIdentifier=keyid:always,issuer:always
|
|
basicConstraints = CA:true
|
|
|
|
[ usr_cert ]
|
|
basicConstraints=CA:FALSE
|
|
|