[Pki-users] CA/SSL certs customization
Cho Chan
chobicho at gmail.com
Tue Dec 15 11:43:05 UTC 2015
Hello all,
I am trying to build internal PKI - two levels CA (Root and Intermediate)
with dogtag 10.1.2 on CentOS 7.1.
When I use pkispawn to create the first CA (Root) the certificates are
created with predefined validity, signature algorithm, CN name, X509v3
extensions and etc.
I searched for options/parameters which I can use with pkispawn and
deployment config but I manage to find only this:
https://fedorapeople.org/cgit/edewata/public_git/pki-dev.git/tree/scripts/ca.cfg
Are there such options/parameters to customize the validity, CN, algorithm
and etc during the build process with pkispawn?
Or if not what are my options?
Maybe I have to edit the some of the cfg in /usr/share/pki/ca/conf ?
Much appreciate if someone can give me hints or help!
Thank you in advance!
Cho
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20151215/b1a22ad3/attachment.htm>
More information about the Pki-users
mailing list