"Metzinger, Tim" wrote: > > I want to have a couple of layers of Organizational Units in my cert, and > I'm not sure what to change in the config file so that I am prompted for the > additional detail. I want to issue different certs for different > applications, i.e.: > > Application1: > Country= US > State=DC > Locality=Washington > Organization=US Dept. of Treasury > OU=Office of Human Resource Enterprise Solutions > OU=Peoplesoft Production Application > DN=www.hrconnect.treas.gov > [EMAIL PROTECTED] > > Application2: > Country= US > State=DC > Locality=Washington > Organization=US Dept. of Treasury > OU=Office of Human Resource Enterprise Solutions > OU=Peoplesoft Test Application > DN=cat.hrconnect.treas.gov > [EMAIL PROTECTED] > > I couldn't find any reference to the config file and can't figure out how to > specify an additional OU or two. Here's the file: > > [ req ] > default_bits = 1024 > default_keyfile = key1024.pem > distinguished_name = req_distinguished_name > attributes = req_attributes > prompt = yes > output_password = mypass > > [ req_distinguished_name ] > C = Country > ST = State or Province > L = Locality > O = Organization Name > OU = Organizational Unit Name > CN = Domain Name > emailAddress = [EMAIL PROTECTED] > > [ req_attributes ] > > Any help is greatly appreciated >
This is mentioned in the 'req' manual page. Basically you use the syntax: 1.OU = First Org Name 2.OU = Second Org Name 3.OU = Third Org Name Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Gemplus: http://www.gemplus.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
