In article <[EMAIL PROTECTED]> you wrote:
> GOMEZ Henri wrote:
>>
>> Hi.
>>
>> Since openssl 0.9.3, ca-fix seems to be no more supported.
>> Since I've got to generate CA cert and user certs (with pkcs12), I use a
>> script
>> modified from mca.sh found in mod_ssl.
>>
>> Question : How did I replace patches with ca-fix ?
>
> The way you have things set you can use the -extfile option to 'x509' to
> add extensions at the same time as you use 'x509' to sign a request.
>
> What you need to do is to generate a temporary config file with the
> required extensions in it. For example:
> [...]
You can look inside the mkcert.sh in mod_ssl 2.3.x. It already does all those
gory details which are similar to those in mca.sh. When I find time I'll
update mca.sh, too.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
