📄 user_certificate.ext.in
字号:
# These extensions are added when 'ca' signs a request.# This goes against PKIX guidelines but some CAs do it and some software# requires this to avoid interpreting an end user certificate as a CA.basicConstraints=critical, CA:FALSE# Here are some examples of the usage of nsCertType. If it is omitted# the certificate can be used for anything *except* object signing.# For an object signing certificate this would be used.#nsCertType = objsign# For normal client use this is typicalnsCertType = client, email# This is typical alsokeyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment, keyAgreementextendedKeyUsage= clientAuth, emailProtection# PKIX recommendationssubjectKeyIdentifier=hashauthorityKeyIdentifier=keyid,issuer:always# CommentnsComment = $ENV::COMMENT# Import the email address.subjectAltName=email:copy# Copy subject detailsissuerAltName=issuer:copy# Authority Info AccessauthorityInfoAccess = OCSP;URI:http://@baseurl@/ocspauthorityInfoAccess = caIssuers;URI:http://@baseurl@/ca/issuers.html# CRLscrlDistributionPoints=URI:http://@baseurl@/crl/cacrl.crl# Policy RelatedcertificatePolicies=1.3.6.1.4.1.5255.1.1.1,@polsec# Netscape (unused ?) extensionsnsCaRevocationUrl = http://@baseurl@/crl/cacrl.crlnsRevocationUrl = http://@baseurl@/crl/cacrl.crlnsRenewalUrl = http://@baseurl@/renewalnsCaPolicyUrl="http://www.europki.org/ca/root/cps/1.1/"#nsBaseUrl#nsSslServerName[polsec]policyIdentifier=1.3.6.1.4.1.5255.1.1.1CPS.1="http://www.europki.org/ca/root/cps/1.1/"CPS.2="http://@baseorg@/cps/"⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -