From 38ce604e3cc97706b876b0525ddff0121115456d Mon Sep 17 00:00:00 2001
From: djm <>
Date: Sat, 6 Sep 2008 12:17:54 +0000
Subject: resolve conflicts

---
 src/lib/libssl/doc/openssl.cnf | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'src/lib/libssl/doc/openssl.cnf')

diff --git a/src/lib/libssl/doc/openssl.cnf b/src/lib/libssl/doc/openssl.cnf
index 4c1d595b0a..9e59020c17 100644
--- a/src/lib/libssl/doc/openssl.cnf
+++ b/src/lib/libssl/doc/openssl.cnf
@@ -44,8 +44,8 @@ new_certs_dir	= $dir/newcerts		# default place for new certs.
 
 certificate	= $dir/cacert.pem 	# The CA certificate
 serial		= $dir/serial 		# The current serial number
-#crlnumber	= $dir/crlnumber	# the current crl number must be
-					# commented out to leave a V1 CRL
+crlnumber	= $dir/crlnumber	# the current crl number
+					# must be commented out to leave a V1 CRL
 crl		= $dir/crl.pem 		# The current CRL
 private_key	= $dir/private/cakey.pem# The private key
 RANDFILE	= $dir/private/.rand	# private random number file
@@ -67,7 +67,7 @@ cert_opt 	= ca_default		# Certificate field options
 
 default_days	= 365			# how long to certify for
 default_crl_days= 30			# how long before next CRL
-default_md	= md5			# which md to use.
+default_md	= sha1			# which md to use.
 preserve	= no			# keep passed DN ordering
 
 # A few difference way of specifying how similar the request should look
@@ -188,7 +188,7 @@ nsComment			= "OpenSSL Generated Certificate"
 
 # PKIX recommendations harmless if included in all certificates.
 subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
+authorityKeyIdentifier=keyid,issuer
 
 # This stuff is for subjectAltName and issuerAltname.
 # Import the email address.
-- 
cgit v1.2.3-55-g6feb