Loading apps/ocsp.c +4 −27 Original line number Diff line number Diff line Loading @@ -148,7 +148,6 @@ int MAIN(int argc, char **argv) long nsec = MAX_VALIDITY_PERIOD, maxage = -1; char *CAfile = NULL, *CApath = NULL; X509_STORE *store = NULL; X509_VERIFY_PARAM *vpm = NULL; STACK_OF(X509) *sign_other = NULL, *verify_other = NULL, *rother = NULL; char *sign_certfile = NULL, *verify_certfile = NULL, *rcertfile = NULL; unsigned long sign_flags = 0, verify_flags = 0, rflags = 0; Loading Loading @@ -357,12 +356,6 @@ int MAIN(int argc, char **argv) } else badarg = 1; } else if (args_verify(&args, NULL, &badarg, bio_err, &vpm)) { if (badarg) goto end; continue; } else if (!strcmp (*args, "-validity_period")) { if (args[1]) Loading Loading @@ -644,9 +637,6 @@ int MAIN(int argc, char **argv) if (!req && reqin) { if (!strcmp(reqin, "-")) derbio = BIO_new_fp(stdin, BIO_NOCLOSE); else derbio = BIO_new_file(reqin, "rb"); if (!derbio) { Loading Loading @@ -749,9 +739,6 @@ int MAIN(int argc, char **argv) if (reqout) { if (!strcmp(respout, "-")) derbio = BIO_new_fp(stdout, BIO_NOCLOSE); else derbio = BIO_new_file(reqout, "wb"); if(!derbio) { Loading Loading @@ -795,9 +782,6 @@ int MAIN(int argc, char **argv) } else if (respin) { if (!strcmp(respin, "-")) derbio = BIO_new_fp(stdin, BIO_NOCLOSE); else derbio = BIO_new_file(respin, "rb"); if (!derbio) { Loading @@ -823,9 +807,6 @@ int MAIN(int argc, char **argv) if (respout) { if (!strcmp(respout, "-")) derbio = BIO_new_fp(stdout, BIO_NOCLOSE); else derbio = BIO_new_file(respout, "wb"); if(!derbio) { Loading Loading @@ -873,8 +854,6 @@ int MAIN(int argc, char **argv) store = setup_verify(bio_err, CAfile, CApath); if (!store) goto end; if (vpm) X509_STORE_set1_param(store, vpm); if (verify_certfile) { verify_other = load_certs(bio_err, verify_certfile, FORMAT_PEM, Loading Loading @@ -925,8 +904,6 @@ end: ERR_print_errors(bio_err); X509_free(signer); X509_STORE_free(store); if (vpm) X509_VERIFY_PARAM_free(vpm); EVP_PKEY_free(key); EVP_PKEY_free(rkey); X509_free(issuer); Loading demos/certs/ca.cnf +0 −3 Original line number Diff line number Diff line Loading @@ -35,7 +35,6 @@ commonName = $ENV::CN basicConstraints=critical, CA:FALSE keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment subjectAltName=DNS:crl.host.com # This will be displayed in Netscape's comment listbox. nsComment = "OpenSSL Generated Certificate" Loading @@ -43,14 +42,12 @@ nsComment = "OpenSSL Generated Certificate" # PKIX recommendations harmless if included in all certificates. subjectKeyIdentifier=hash authorityKeyIdentifier=keyid authorityInfoAccess = OCSP;URI:http://ocsp.host.com:8080/cgi-bin/prinenv/some/ocsp/path # OCSP responder certificate [ ocsp_cert ] basicConstraints=critical, CA:FALSE keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment # This will be displayed in Netscape's comment listbox. nsComment = "OpenSSL Generated Certificate" Loading demos/certs/mkcerts.sh +1 −1 Original line number Diff line number Diff line Loading @@ -15,7 +15,7 @@ $OPENSSL x509 -req -in intreq.pem -CA root.pem -days 3600 \ -extfile ca.cnf -extensions v3_ca -CAcreateserial -out intca.pem # Server certificate: create request first CN="crl.host.com" $OPENSSL req -config ca.cnf -nodes \ CN="Test Server Cert" $OPENSSL req -config ca.cnf -nodes \ -keyout skey.pem -out req.pem -newkey rsa:1024 # Sign request: end entity extensions $OPENSSL x509 -req -in req.pem -CA intca.pem -CAkey intkey.pem -days 3600 \ Loading Loading
apps/ocsp.c +4 −27 Original line number Diff line number Diff line Loading @@ -148,7 +148,6 @@ int MAIN(int argc, char **argv) long nsec = MAX_VALIDITY_PERIOD, maxage = -1; char *CAfile = NULL, *CApath = NULL; X509_STORE *store = NULL; X509_VERIFY_PARAM *vpm = NULL; STACK_OF(X509) *sign_other = NULL, *verify_other = NULL, *rother = NULL; char *sign_certfile = NULL, *verify_certfile = NULL, *rcertfile = NULL; unsigned long sign_flags = 0, verify_flags = 0, rflags = 0; Loading Loading @@ -357,12 +356,6 @@ int MAIN(int argc, char **argv) } else badarg = 1; } else if (args_verify(&args, NULL, &badarg, bio_err, &vpm)) { if (badarg) goto end; continue; } else if (!strcmp (*args, "-validity_period")) { if (args[1]) Loading Loading @@ -644,9 +637,6 @@ int MAIN(int argc, char **argv) if (!req && reqin) { if (!strcmp(reqin, "-")) derbio = BIO_new_fp(stdin, BIO_NOCLOSE); else derbio = BIO_new_file(reqin, "rb"); if (!derbio) { Loading Loading @@ -749,9 +739,6 @@ int MAIN(int argc, char **argv) if (reqout) { if (!strcmp(respout, "-")) derbio = BIO_new_fp(stdout, BIO_NOCLOSE); else derbio = BIO_new_file(reqout, "wb"); if(!derbio) { Loading Loading @@ -795,9 +782,6 @@ int MAIN(int argc, char **argv) } else if (respin) { if (!strcmp(respin, "-")) derbio = BIO_new_fp(stdin, BIO_NOCLOSE); else derbio = BIO_new_file(respin, "rb"); if (!derbio) { Loading @@ -823,9 +807,6 @@ int MAIN(int argc, char **argv) if (respout) { if (!strcmp(respout, "-")) derbio = BIO_new_fp(stdout, BIO_NOCLOSE); else derbio = BIO_new_file(respout, "wb"); if(!derbio) { Loading Loading @@ -873,8 +854,6 @@ int MAIN(int argc, char **argv) store = setup_verify(bio_err, CAfile, CApath); if (!store) goto end; if (vpm) X509_STORE_set1_param(store, vpm); if (verify_certfile) { verify_other = load_certs(bio_err, verify_certfile, FORMAT_PEM, Loading Loading @@ -925,8 +904,6 @@ end: ERR_print_errors(bio_err); X509_free(signer); X509_STORE_free(store); if (vpm) X509_VERIFY_PARAM_free(vpm); EVP_PKEY_free(key); EVP_PKEY_free(rkey); X509_free(issuer); Loading
demos/certs/ca.cnf +0 −3 Original line number Diff line number Diff line Loading @@ -35,7 +35,6 @@ commonName = $ENV::CN basicConstraints=critical, CA:FALSE keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment subjectAltName=DNS:crl.host.com # This will be displayed in Netscape's comment listbox. nsComment = "OpenSSL Generated Certificate" Loading @@ -43,14 +42,12 @@ nsComment = "OpenSSL Generated Certificate" # PKIX recommendations harmless if included in all certificates. subjectKeyIdentifier=hash authorityKeyIdentifier=keyid authorityInfoAccess = OCSP;URI:http://ocsp.host.com:8080/cgi-bin/prinenv/some/ocsp/path # OCSP responder certificate [ ocsp_cert ] basicConstraints=critical, CA:FALSE keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment # This will be displayed in Netscape's comment listbox. nsComment = "OpenSSL Generated Certificate" Loading
demos/certs/mkcerts.sh +1 −1 Original line number Diff line number Diff line Loading @@ -15,7 +15,7 @@ $OPENSSL x509 -req -in intreq.pem -CA root.pem -days 3600 \ -extfile ca.cnf -extensions v3_ca -CAcreateserial -out intca.pem # Server certificate: create request first CN="crl.host.com" $OPENSSL req -config ca.cnf -nodes \ CN="Test Server Cert" $OPENSSL req -config ca.cnf -nodes \ -keyout skey.pem -out req.pem -newkey rsa:1024 # Sign request: end entity extensions $OPENSSL x509 -req -in req.pem -CA intca.pem -CAkey intkey.pem -days 3600 \ Loading
