Merge from 1.0.0-stable branch.

author: Dr. Stephen Henson <steve@openssl.org> 2009-04-23 16:32:42 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2009-04-23 16:32:42 +0000
commit: ef236ec3b26300c0a18872c432122a74f9d5459e (patch)
tree: eeaaa927765ca06f61c1b559b3fff5263a6b5654 /apps/openssl-vms.cnf
parent: 8711efb4984b66a901b543d1b5d96fc5b6928d10 (diff)
download: openssl-new-ef236ec3b26300c0a18872c432122a74f9d5459e.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf
index 52ade56653..20ed61bc3e 100644
--- a/apps/openssl-vms.cnf
+++ b/apps/openssl-vms.cnf
@@ -231,7 +231,7 @@ keyUsage = nonRepudiation, digitalSignature, keyEncipherment
 
 subjectKeyIdentifier=hash
 
-authorityKeyIdentifier=keyid:always,issuer:always
+authorityKeyIdentifier=keyid:always,issuer
 
 # This is what PKIX recommends but some broken software chokes on critical
 # extensions.
@@ -264,7 +264,7 @@ basicConstraints = CA:true
 # Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
 
 # issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
+authorityKeyIdentifier=keyid:always
 
 [ proxy_cert_ext ]
 # These extensions should be added when creating a proxy certificate
@@ -297,7 +297,7 @@ nsComment			= "OpenSSL Generated Certificate"
 
 # PKIX recommendations harmless if included in all certificates.
 subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
+authorityKeyIdentifier=keyid,issuer
 
 # This stuff is for subjectAltName and issuerAltname.
 # Import the email address.
author	Dr. Stephen Henson <steve@openssl.org>	2009-04-23 16:32:42 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2009-04-23 16:32:42 +0000
commit	ef236ec3b26300c0a18872c432122a74f9d5459e (patch)
tree	eeaaa927765ca06f61c1b559b3fff5263a6b5654 /apps/openssl-vms.cnf
parent	8711efb4984b66a901b543d1b5d96fc5b6928d10 (diff)
download	openssl-new-ef236ec3b26300c0a18872c432122a74f9d5459e.tar.gz