From 27393bb10cc7b89961602bda4b6a0f92487a8bb5 Mon Sep 17 00:00:00 2001
From: beck <>
Date: Tue, 16 Mar 1999 07:25:13 +0000
Subject: Add install of reasonable default ssleay.cnf file

---
 src/lib/libssl/Makefile   |  6 +++++
 src/lib/libssl/ssleay.cnf | 65 +++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 71 insertions(+)
 create mode 100644 src/lib/libssl/ssleay.cnf

(limited to 'src')

diff --git a/src/lib/libssl/Makefile b/src/lib/libssl/Makefile
index 38f2b0ae94..683e40e63b 100644
--- a/src/lib/libssl/Makefile
+++ b/src/lib/libssl/Makefile
@@ -8,4 +8,10 @@ SUBDIR= crypto-patent ssl-patent
 SUBDIR= crypto ssl
 .endif
 
+distribution:
+	@echo "Installing ${DESTDIR}/etc/ssl/lib/ssleay.cnf"; \
+	${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 444 \
+	   ${.CURDIR}/ssleay.cnf ${DESTDIR}/etc/ssl/lib/ssleay.cnf;
+
 .include <bsd.subdir.mk>
+
diff --git a/src/lib/libssl/ssleay.cnf b/src/lib/libssl/ssleay.cnf
new file mode 100644
index 0000000000..c6480ee465
--- /dev/null
+++ b/src/lib/libssl/ssleay.cnf
@@ -0,0 +1,65 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE		= /dev/arandom
+
+####################################################################
+[ req ]
+default_bits		= 1024
+default_keyfile 	= privkey.pem
+distinguished_name	= req_distinguished_name
+attributes		= req_attributes
+
+[ req_distinguished_name ]
+countryName			= Country Name (2 letter code)
+#countryName_default		= AU
+countryName_min			= 2
+countryName_max			= 2
+
+stateOrProvinceName		= State or Province Name (full name)
+#stateOrProvinceName_default	= Some-State
+
+localityName			= Locality Name (eg, city)
+
+0.organizationName		= Organization Name (eg, company)
+#0.organizationName_default	= Internet Widgits Pty Ltd
+
+# we can do this but it is not needed normally :-)
+#1.organizationName		= Second Organization Name (eg, company)
+#1.organizationName_default	= CryptSoft Pty Ltd
+
+organizationalUnitName		= Organizational Unit Name (eg, section)
+#organizationalUnitName_default	=
+
+commonName			= Common Name (eg, fully qualified host name)
+commonName_max			= 64
+
+emailAddress			= Email Address
+emailAddress_max		= 64
+
+[ req_attributes ]
+challengePassword		= A challenge password
+challengePassword_min		= 4
+challengePassword_max		= 20
+
+unstructuredName		= An optional company name
+
+[ x509v3_extensions ]
+
+nsCaRevocationUrl		= http://www.cryptsoft.com/ca-crl.pem
+nsComment			= "This is a comment"
+
+# under ASN.1, the 0 bit would be encoded as 80
+nsCertType			= 0x40
+
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+#nsCertSequence
+#nsCertExt
+#nsDataType
+
-- 
cgit v1.2.3-55-g6feb