#
eaf577c8 |
| 04-Jul-2024 |
Dr. David von Oheimb |
extend X509_REQ_add_extensions_nid() and thuis APPS/req to support augmenting/overriding existing extensions Fixes #11169 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed
extend X509_REQ_add_extensions_nid() and thuis APPS/req to support augmenting/overriding existing extensions Fixes #11169 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24792)
show more ...
|
#
81202237 |
| 09-Aug-2023 |
Stephan Wurm |
apps: ca,req,x509: Add explicit start and end dates options - Added options `-not_before` (start date) and `-not-after` (end date) for explicit setting of the validity period of a cert
apps: ca,req,x509: Add explicit start and end dates options - Added options `-not_before` (start date) and `-not-after` (end date) for explicit setting of the validity period of a certificate in the apps `ca`, `req` and `x509` - The new options accept time strings or "today" - In app `ca`, use the new options as aliases of the already existing options `-startdate` and `-enddate` - When used in apps `req` and `x509`, the end date must be >= the start date, in app `ca` end date < start date is also accepted - In any case, `-not-after` overrides the `-days` option - Added helper function `check_cert_time_string` to validate given certificate time strings - Use the new helper function in apps `ca`, `req` and `x509` - Moved redundant code for time string checking into `set_cert_times` helper function. - Added tests for explicit start and end dates in apps `req` and `x509` - test: Added auxiliary functions for parsing fields from `-text` formatted output to `tconversion.pl` - CHANGES: Added to new section 3.4 Signed-off-by: Stephan Wurm <atomisirsi@gsklan.de> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21716)
show more ...
|
#
496bc128 |
| 29-Mar-2024 |
Matt Caswell |
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 3764f200f9d44622faa8ac1b15d2f3eb7c39e473) Reviewed-by: Hugo Lan
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 3764f200f9d44622faa8ac1b15d2f3eb7c39e473) Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24034)
show more ...
|
#
2410cb42 |
| 27-Feb-2024 |
Job Snijders |
Align 'openssl req' string_mask docs to how the software really works Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from htt
Align 'openssl req' string_mask docs to how the software really works Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23699)
show more ...
|
#
15585af9 |
| 27-Mar-2024 |
Vladimir Kotal |
Document change of -verify behavior in crl and req apps Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/o
Document change of -verify behavior in crl and req apps Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23983)
show more ...
|
#
6af739b7 |
| 07-Mar-2024 |
Vladimir Kotal |
apps/req,crl: exit with 1 on verification failure Fixes #23771 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged
apps/req,crl: exit with 1 on verification failure Fixes #23771 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/23773)
show more ...
|
#
aa3347ba |
| 16-Dec-2023 |
James Muir |
doc: fix "the a" typos (and other things nearby) Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/op
doc: fix "the a" typos (and other things nearby) Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/23068)
show more ...
|
#
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
|
#
c1673a60 |
| 02-Sep-2023 |
Philip Prindeville |
Per other commands, make progress dots in req only w/ -verbose Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Revi
Per other commands, make progress dots in req only w/ -verbose Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21937)
show more ...
|
#
342e3652 |
| 24-Sep-2022 |
Dr. David von Oheimb |
APPS: generated certs bear X.509 V3, unless -x509v1 option of req app is given Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by:
APPS: generated certs bear X.509 V3, unless -x509v1 option of req app is given Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19271)
show more ...
|
#
45ada6b9 |
| 05-Oct-2022 |
Richard Levitte |
Change all references to OpenSSL 3.1 to OpenSSL 3.2 in the master branch 3.1 has been decided to be a FIPS 140-3 release, springing from the branch openssl-3.0, and the master branch to
Change all references to OpenSSL 3.1 to OpenSSL 3.2 in the master branch 3.1 has been decided to be a FIPS 140-3 release, springing from the branch openssl-3.0, and the master branch to continue with the development of OpenSSL 3.2. Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19350)
show more ...
|
#
200d8447 |
| 06-Jul-2021 |
Dr. David von Oheimb |
APPS: Move load_csr_autofmt() from apps/cmp.c to apps.c and use it also for apps, too Also add related references to FR #15725. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
APPS: Move load_csr_autofmt() from apps/cmp.c to apps.c and use it also for apps, too Also add related references to FR #15725. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18900)
show more ...
|
#
251e9412 |
| 20-Oct-2021 |
Dr. David von Oheimb |
APPS/req.c: Make -reqexts option an alias of -extensions option This simplifies code, doc, and use. Fixes issue ignoring one or the other. Reviewed-by: Tomas Mraz <tomas@openssl
APPS/req.c: Make -reqexts option an alias of -extensions option This simplifies code, doc, and use. Fixes issue ignoring one or the other. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16865)
show more ...
|
#
611ef4f3 |
| 27-Aug-2021 |
Dr. David von Oheimb |
APPS/{x509,req}: Fix description and diagnostics of -key, -in, etc. options Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16440)
|
#
20b39175 |
| 26-Aug-2021 |
Rich Salz |
Yet another doc-nits fix Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged
Yet another doc-nits fix Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/16436)
show more ...
|
#
f2b6edcf |
| 25-Aug-2021 |
Dr. David von Oheimb |
APPS/req: Fix misconceptions on -CA, -CAkey, and -key options. -CA now implies -x509 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1642
APPS/req: Fix misconceptions on -CA, -CAkey, and -key options. -CA now implies -x509 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16420)
show more ...
|
#
6b38d7dc |
| 02-Aug-2021 |
Dmitry Belyavskiy |
If we have passed the private key, don't copy it implicitly Fixes #16197 Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Paul Dale <pauli@openssl.org>
If we have passed the private key, don't copy it implicitly Fixes #16197 Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16199)
show more ...
|
#
8b893c35 |
| 26-May-2021 |
Dr. David von Oheimb |
APPS req: Extend the -keyout option to be respected also with -key Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.
APPS req: Extend the -keyout option to be respected also with -key Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13715)
show more ...
|
#
54e8f725 |
| 26-May-2021 |
Dr. David von Oheimb |
DOC: Improve description of 'req' app: -new, -newkey, and -keyout options Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://
DOC: Improve description of 'req' app: -new, -newkey, and -keyout options Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13715)
show more ...
|
Revision tags: openssl-3.0.0-alpha17 |
|
#
e53ad1d8 |
| 17-May-2021 |
Rich Salz |
Remove '=for openssl ifdef' No longer needed after rewrite of cmd-nits Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Paul Dale <pauli@openssl.org>
Remove '=for openssl ifdef' No longer needed after rewrite of cmd-nits Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15311)
show more ...
|
Revision tags: openssl-3.0.0-alpha16 |
|
#
bee3f389 |
| 03-May-2021 |
Tomas Mraz |
Document the behavior of the -inform and related options Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15100)
|
Revision tags: openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11 |
|
#
4333b89f |
| 28-Jan-2021 |
Richard Levitte |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
|
Revision tags: openssl-3.0.0-alpha10 |
|
#
04a1b3fa |
| 06-Jan-2021 |
Dr. David von Oheimb |
apps/req.c: Make sure -verify option takes effect also with -x509 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13658)
|
#
0ae8d4ca |
| 06-Jan-2021 |
Dr. David von Oheimb |
apps/req.c: Cosmetic improvements of code and documentation Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13658)
|
#
b65c5ec8 |
| 24-Dec-2020 |
Dr. David von Oheimb |
apps/req.c: Add -copy_extensions option for use with -x509; default: none Fixes #13708 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/
apps/req.c: Add -copy_extensions option for use with -x509; default: none Fixes #13708 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13658)
show more ...
|