add 'Object Identifiers' from OpenSSL

- signed-off-by: trimstray <trimstray@gmail.com>
This commit is contained in:
trimstray 2021-08-18 14:06:24 +02:00
parent dae3039b2b
commit 7fcde29b80

View file

@ -2722,6 +2722,49 @@ postalCode = 2.5.4.17
streetAddress = 2.5.4.9
```
Full example:
```bash
( _fd="private.key" ; _fd_csr="request.csr" ; \
openssl req -new -sha256 -key ${_fd} -out ${_fd_csr} \
-config <(
cat << __EOF__
[req]
default_bits = 2048
default_md = sha256
prompt = no
distinguished_name = dn
req_extensions = req_ext
oid_section = new_oids
[ new_oids ]
serialNumber = 2.5.4.5
streetAddress = 2.5.4.9
postalCode = 2.5.4.17
businessCategory = 2.5.4.15
[ dn ]
serialNumber=00001111
businessCategory=Private Organization
jurisdictionC=DE
C=DE
ST=Hessen
L=Keller
postalCode=424242
streetAddress=Crater 1621
O=AV Company
OU=IT
CN=example.com
[ req_ext ]
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = example.com
__EOF__
))
```
For more information please look at these great explanations:
- [RFC 5280](https://tools.ietf.org/html/rfc5280)
@ -2730,6 +2773,7 @@ For more information please look at these great explanations:
- [Your OpenSSL CSR command is out of date](https://expeditedsecurity.com/blog/openssl-csr-command/)
- [OpenSSL example configuration file](https://www.tbs-certificats.com/openssl-dem-server-cert.cnf)
- [Object Identifiers (OIDs)](https://www.alvestrand.no/objectid/)
- [openssl objects.txt](https://github.com/openssl/openssl/blob/master/crypto/objects/objects.txt)
###### List available EC curves