Stack Bounce
Reputation: 1
openssl config: partial overwrites possible?
Do I really have to re-define the whole section if I want a filed to be overwritten?
I am about to prepare some templates for a private ca stack; root - inter - leaf. However, they share some common settings. Further I would like to "branch" some of the configs for certain use cases.
Therefore my config stack shall look like:
- default.conf (just add sections)
- ca_default.conf (just add sections)
- req.conf (just add sections)
- root.conf (include all above, explicitly and at this order)
- modify [default], [ca_default] and [req] section PARTIALLY
When I run the openssl req -config root.conf ... command the (1st@req.conf + 2nd(partially)@root.conf) ${req::distinguished_name} falls back to the /etc/ssl/openssl.cnf ${req::distinguished_name} settings.
Is there any way to partially overwrite settings, so I can keep my defaults in one place and the "inheritance" in another file?
Upvotes: 0
Views: 34
Answers (0)
Related Questions
- dyld: Library not loaded: /usr/local/opt/openssl/lib/libssl.1.0.0.dylib
- How to install OpenSSL in windows 10?
- Converting PKCS#12 certificate into PEM using OpenSSL
- Using openssl to get the certificate from a server
- Where is the global git config data stored?
- Using OpenSSL what does "unable to write 'random state'" mean?
- CMake not able to find OpenSSL library
- How to use OpenSSL to encrypt/decrypt files?
- How do I install the OpenSSL libraries on Ubuntu?
- Can I comment out a line in a .git/config file?