Add install of reasonable default ssleay.cnf file

author: beck <> 1999-03-16 07:25:13 +0000
committer: beck <> 1999-03-16 07:25:13 +0000
commit: 27393bb10cc7b89961602bda4b6a0f92487a8bb5 (patch)
tree: e0a82d0d7185a2f7f749803e3328196b0d437fd1
parent: 33bdaa3a00a8b55e1a86100fcb7419c4c3491269 (diff)
download: openbsd-27393bb10cc7b89961602bda4b6a0f92487a8bb5.tar.gz
openbsd-27393bb10cc7b89961602bda4b6a0f92487a8bb5.tar.bz2
openbsd-27393bb10cc7b89961602bda4b6a0f92487a8bb5.zip
2 files changed, 71 insertions, 0 deletions
diff --git a/src/lib/libssl/Makefile b/src/lib/libssl/Makefile
index 38f2b0ae94..683e40e63b 100644
--- a/src/lib/libssl/Makefile
+++ b/src/lib/libssl/Makefile
@@ -8,4 +8,10 @@ SUBDIR= crypto-patent ssl-patent
 SUBDIR= crypto ssl
 .endif
+distribution:
+        @echo "Installing ${DESTDIR}/etc/ssl/lib/ssleay.cnf"; \
+        ${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 444 \
+           ${.CURDIR}/ssleay.cnf ${DESTDIR}/etc/ssl/lib/ssleay.cnf;
 .include <bsd.subdir.mk>
diff --git a/src/lib/libssl/ssleay.cnf b/src/lib/libssl/ssleay.cnf
new file mode 100644
index 0000000000..c6480ee465
--- /dev/null
+++ b/src/lib/libssl/ssleay.cnf
@@ -0,0 +1,65 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+RANDFILE                = /dev/arandom
+####################################################################
+[ req ]
+default_bits            = 1024
+default_keyfile         = privkey.pem
+distinguished_name      = req_distinguished_name
+attributes              = req_attributes
+[ req_distinguished_name ]
+countryName                     = Country Name (2 letter code)
+#countryName_default            = AU
+countryName_min                 = 2
+countryName_max                 = 2
+stateOrProvinceName             = State or Province Name (full name)
+#stateOrProvinceName_default    = Some-State
+localityName                    = Locality Name (eg, city)
+0.organizationName              = Organization Name (eg, company)
+#0.organizationName_default     = Internet Widgits Pty Ltd
+# we can do this but it is not needed normally :-)
+#1.organizationName             = Second Organization Name (eg, company)
+#1.organizationName_default     = CryptSoft Pty Ltd
+organizationalUnitName          = Organizational Unit Name (eg, section)
+#organizationalUnitName_default =
+commonName                      = Common Name (eg, fully qualified host name)
+commonName_max                  = 64
+emailAddress                    = Email Address
+emailAddress_max                = 64
+[ req_attributes ]
+challengePassword               = A challenge password
+challengePassword_min           = 4
+challengePassword_max           = 20
+unstructuredName                = An optional company name
+[ x509v3_extensions ]
+nsCaRevocationUrl               = http://www.cryptsoft.com/ca-crl.pem
+nsComment                       = "This is a comment"
+# under ASN.1, the 0 bit would be encoded as 80
+nsCertType                      = 0x40
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+#nsCertSequence
+#nsCertExt
+#nsDataType
author	beck <>	1999-03-16 07:25:13 +0000
committer	beck <>	1999-03-16 07:25:13 +0000
commit	27393bb10cc7b89961602bda4b6a0f92487a8bb5 (patch)
tree	e0a82d0d7185a2f7f749803e3328196b0d437fd1
parent	33bdaa3a00a8b55e1a86100fcb7419c4c3491269 (diff)
download	openbsd-27393bb10cc7b89961602bda4b6a0f92487a8bb5.tar.gz openbsd-27393bb10cc7b89961602bda4b6a0f92487a8bb5.tar.bz2 openbsd-27393bb10cc7b89961602bda4b6a0f92487a8bb5.zip

diff --git a/src/lib/libssl/Makefile b/src/lib/libssl/Makefile index 38f2b0ae94..683e40e63b 100644 --- a/src/lib/libssl/Makefile +++ b/src/lib/libssl/Makefile
@@ -8,4 +8,10 @@ SUBDIR= crypto-patent ssl-patent
8	SUBDIR= crypto ssl	8	SUBDIR= crypto ssl
9	.endif	9	.endif
10		10
		11	distribution:
		12	@echo "Installing ${DESTDIR}/etc/ssl/lib/ssleay.cnf"; \
		13	${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 444 \
		14	${.CURDIR}/ssleay.cnf ${DESTDIR}/etc/ssl/lib/ssleay.cnf;
		15
11	.include <bsd.subdir.mk>	16	.include <bsd.subdir.mk>
		17


diff --git a/src/lib/libssl/ssleay.cnf b/src/lib/libssl/ssleay.cnf new file mode 100644 index 0000000000..c6480ee465 --- /dev/null +++ b/src/lib/libssl/ssleay.cnf
@@ -0,0 +1,65 @@
		1	#
		2	# SSLeay example configuration file.
		3	# This is mostly being used for generation of certificate requests.
		4	#
		5
		6	RANDFILE = /dev/arandom
		7
		8	####################################################################
		9	[ req ]
		10	default_bits = 1024
		11	default_keyfile = privkey.pem
		12	distinguished_name = req_distinguished_name
		13	attributes = req_attributes
		14
		15	[ req_distinguished_name ]
		16	countryName = Country Name (2 letter code)
		17	#countryName_default = AU
		18	countryName_min = 2
		19	countryName_max = 2
		20
		21	stateOrProvinceName = State or Province Name (full name)
		22	#stateOrProvinceName_default = Some-State
		23
		24	localityName = Locality Name (eg, city)
		25
		26	0.organizationName = Organization Name (eg, company)
		27	#0.organizationName_default = Internet Widgits Pty Ltd
		28
		29	# we can do this but it is not needed normally :-)
		30	#1.organizationName = Second Organization Name (eg, company)
		31	#1.organizationName_default = CryptSoft Pty Ltd
		32
		33	organizationalUnitName = Organizational Unit Name (eg, section)
		34	#organizationalUnitName_default =
		35
		36	commonName = Common Name (eg, fully qualified host name)
		37	commonName_max = 64
		38
		39	emailAddress = Email Address
		40	emailAddress_max = 64
		41
		42	[ req_attributes ]
		43	challengePassword = A challenge password
		44	challengePassword_min = 4
		45	challengePassword_max = 20
		46
		47	unstructuredName = An optional company name
		48
		49	[ x509v3_extensions ]
		50
		51	nsCaRevocationUrl = http://www.cryptsoft.com/ca-crl.pem
		52	nsComment = "This is a comment"
		53
		54	# under ASN.1, the 0 bit would be encoded as 80
		55	nsCertType = 0x40
		56
		57	#nsBaseUrl
		58	#nsRevocationUrl
		59	#nsRenewalUrl
		60	#nsCaPolicyUrl
		61	#nsSslServerName
		62	#nsCertSequence
		63	#nsCertExt
		64	#nsDataType
		65