/etc/inc/certs.inc - Diff - pfSense - pfSense bugtracker

« Previous | Next »

Revision 3f9c1775

Specify full path to openssl.cnf, and select the relevant section to use when generating certificates.

     		pfSense_MODULE:	certificate_managaer
     */
     define("OPEN_SSL_CONF_PATH", "/etc/ssl/openssl.cnf");
     require_once("functions.inc");
     function & lookup_ca($refid) {
-...
     function ca_create(& $ca, $keylen, $lifetime, $dn) {
     	$args = array(
     		"x509_extensions" => "v3_ca",
     		"digest_alg" => "sha1",
     		"private_key_bits" => (int)$keylen,
     		"private_key_type" => OPENSSL_KEYTYPE_RSA,
-...
     	$signing_ca_serial = ++$signing_ca['serial'];
     	$args = array(
     		"x509_extensions" => "v3_ca",
     		"digest_alg" => "sha1",
     		"private_key_bits" => (int)$keylen,
     		"private_key_type" => OPENSSL_KEYTYPE_RSA,
-...
     	$ca_serial = ++$ca['serial'];
     	$args = array(
     		"x509_extensions" => "usr_cert",
     		"digest_alg" => "sha1",
     		"private_key_bits" => (int)$keylen,
     		"private_key_type" => OPENSSL_KEYTYPE_RSA,
-...
     function csr_generate(& $cert, $keylen, $dn) {
     	$args = array(
     		"x509_extensions" => "v3_req",
     		"digest_alg" => "sha1",
     		"private_key_bits" => (int)$keylen,
     		"private_key_type" => OPENSSL_KEYTYPE_RSA,

Also available in: Unified diff