Hi, This is just a minor thing that always bugs me whenever I install openssl; by default the openssl configuration file (/etc/ssl/openssl.cnf) has the following line:
"commonName = Common Name (eg, YOUR name)" Sometimes when I'm installing a certificate I accidentally forget to write my host name given this prompt (as I just did a few minutes ago). I'd suggest "commonName = Common Name (your host name)" since the X.509 format of course requires the CN to be the host. I suspect this default configuration file is being copied from apps/openssl.cnf, though I confess this is just based on a diff without looking too closely. This is of course very minor, but an easy change so I hope you'll consider it to save lots of future idiots like me 30 seconds. (I am running Ubuntu 10.04 (old!) at the moment, and peeked at the source code from the openssl-fips-1.2.3.tar.gz tarball.) Thanks, DanHi,
This is just a minor thing that always bugs me whenever I install openssl; by default the openssl configuration file (/etc/ssl/openssl.cnf) has the following line:
"commonName??? ??? ??? = Common Name (eg, YOUR name)"
Sometimes when I'm installing a certificate I accidentally forget to write my host name given this prompt (as I just did a few minutes ago). I'd suggest
"commonName??? ??? ??? = Common Name (your host name)"
since the X.509 format of course requires the CN to be the host. I suspect this default configuration file is being copied from apps/openssl.cnf, though I confess this is just based on a diff without looking too closely. This is of course very minor, but an easy change so I hope you'll consider it to save lots of future idiots like me 30 seconds.
(I am running Ubuntu 10.04 (old!) at the moment, and peeked at the source code from the openssl-fips-1.2.3.tar.gz tarball.)
Thanks,
Dan
