diff options
author | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-01-11 19:14:32 +0000 |
---|---|---|
committer | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-01-11 19:14:32 +0000 |
commit | 57d529cce8f005d2ca98681f4e2df1008ef6130d (patch) | |
tree | d030347ebfa2ba186b45b73f873c49d8d9204789 /pki/base/ocsp/shared | |
parent | 3a0e4d837fdd82c87a460d436033eb76efef7fd2 (diff) | |
download | pki-57d529cce8f005d2ca98681f4e2df1008ef6130d.tar.gz pki-57d529cce8f005d2ca98681f4e2df1008ef6130d.tar.xz pki-57d529cce8f005d2ca98681f4e2df1008ef6130d.zip |
Bugzilla 661142 - Verification should fail when a revoked certificate is added
- adding -P to audit signing certs trust database
- making specific certusage check
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1723 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/ocsp/shared')
-rw-r--r-- | pki/base/ocsp/shared/conf/CS.cfg.in | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/pki/base/ocsp/shared/conf/CS.cfg.in b/pki/base/ocsp/shared/conf/CS.cfg.in index 84553d3fc..ad98fe64a 100644 --- a/pki/base/ocsp/shared/conf/CS.cfg.in +++ b/pki/base/ocsp/shared/conf/CS.cfg.in @@ -41,6 +41,10 @@ preop.configModules.count=3 preop.module.token=Internal Key Storage Token ocsp.cert.list=signing,sslserver,subsystem,audit_signing preop.cert.list=signing,sslserver,subsystem,audit_signing +ocsp.cert.signing=StatusResponder +ocsp.cert.sslserver.certusage=SSLServer +ocsp.cert.subsystem.certusage=SSLClient +ocsp.cert.audit_signing.certusage=ObjectSigner preop.cert.ocsp_signing.enable=true preop.cert.sslserver.enable=true preop.cert.subsystem.enable=true |