security-and-privacy/uts-server
security-and-privacy/uts-server
1
0
Fork 0
mirror of https://github.com/kakwa/uts-server synced 2024-12-12 18:56:35 +01:00
Code Issues Releases Wiki Activity

cosmetic change in default configuration file

Browse Source
This commit is contained in:
kakwa 2016-08-26 08:27:17 +02:00
parent 8ebbc08c88
commit 7ab15ec374
1 changed files with 55 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
conf/uts-server.cnf
View File

@ -1,11 +1,5 @@
[ new_oids ] [ new_oids ]
# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
# Add a simple OID like this:
# testoid1=1.2.3.4
# Or use config file substitution like this:
# testoid2=${testoid1}.5.6
# Policies used by the TSA examples. # Policies used by the TSA examples.
tsa_policy1 = 1.2.3.4.1 tsa_policy1 = 1.2.3.4.1
tsa_policy2 = 1.2.3.4.5.6 tsa_policy2 = 1.2.3.4.5.6
@ -87,29 +81,62 @@ log_level = info
#################################################################### ####################################################################
[ tsa ] [ tsa ]
default_tsa = tsa_config1 # the default TSA section # The default TSA section.
default_tsa = tsa_config1
[ tsa_config1 ] [ tsa_config1 ]
# These are used by the TSA reply generation only. # These are used by the TSA reply generation only.
dir = ./demoCA # TSA root directory
serial = ./tsaserial # The current serial number (mandatory)
crypto_device = builtin # OpenSSL engine to use for signing
signer_cert = $dir/tsacert.pem # The TSA signing certificate
# (optional)
certs = $dir/cacert.pem # Certificate chain to include in reply
# (optional)
signer_key = $dir/private/tsakey.pem # The TSA private key (optional)
default_policy = tsa_policy1 # Policy if request did not specify it # TSA root directory
dir = ./demoCA
# The current serial number
# (mandatory)
serial = ./tsaserial
# OpenSSL engine to use for signing
crypto_device = builtin
# The TSA signing certificat
# (optional) # (optional)
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional) signer_cert = $dir/tsacert.pem
digests = md5, sha1 # Acceptable message digests (mandatory)
accuracy = secs:1, millisecs:500, microsecs:100 # (optional) # Certificate chain to include in reply
clock_precision_digits = 0 # number of digits after dot. (optional) # (optional)
ordering = yes # Is ordering defined for timestamps? certs = $dir/cacert.pem
# The TSA private key
# (optional)
signer_key = $dir/private/tsakey.pem
# Policy if request did not specify it
# (optional)
default_policy = tsa_policy1
# Acceptable policies
# (optional)
other_policies = tsa_policy2, tsa_policy3
# Acceptable message digests
# (mandatory)
digests = md5, sha1
# (optional)
accuracy = secs:1, millisecs:500, microsecs:100
# Number of digits after dot.
# (optional)
clock_precision_digits = 0
# Is ordering defined for timestamps?
# (optional, default: no) # (optional, default: no)
tsa_name = yes # Must the TSA name be included in the reply? ordering = yes
# (optional, default: no)
ess_cert_id_chain = no # Must the ESS cert id chain be included? # Must the TSA name be included in the reply?
## (optional, default: no)
tsa_name = yes
# Must the ESS cert id chain be included?
# (optional, default: no) # (optional, default: no)
ess_cert_id_chain = no