<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 90.0pt 72.0pt 90.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="FR-CA" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><b><span lang="EN-CA" style="mso-fareast-language:EN-US">Libor Chocholaty
<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></b></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">openssl ca -config etc/intermediate.cnf -extensions server_cert -days 1825 -notext -md sha256 -in intermediate/csr/test.groupesti.com.csr -out intermediate/certs/test.groupesti.com.crt<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">Using configuration from etc/intermediate.cnf<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">Enter pass phrase for /CA/intermediate/private/intermediate.key: ************<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">Error Loading extension section server_cert<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">140542588306560:error:0E06D06C:configuration file routines:NCONF_get_string:no value:../crypto/conf/conf_lib.c:273:group=CA_default name=email_in_dn<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">140542588306560:error:0E06D06C:configuration file routines:NCONF_get_string:no value:../crypto/conf/conf_lib.c:273:group=CA_default name=rand_serial<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">140542588306560:error:0D06407A:asn1 encoding routines:a2d_ASN1_OBJECT:first num too large:../crypto/asn1/a_object.c:73:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">140542588306560:error:2208306E:X509 V3 routines:policy_section:invalid object identifier:../crypto/x509v3/v3_cpols.c:183:section:Cert_policy_server,name:policyIdentifier,value:GroupeSTIAssurance,
GroupeSTIDevice<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">140542588306560:error:22098080:X509 V3 routines:X509V3_EXT_nconf:error in extension:../crypto/x509v3/v3_conf.c:47:name=certificatePolicies, value=ia5org, @Cert_policy_server<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">Intermediate.cnf<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ openssl_init ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">oid_section = oids_section<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ ca ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">default_ca = CA_default<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ CA_default ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">dir = /CA/intermediate<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">certs = $dir/certs<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">crl_dir = $dir/crl<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">new_certs_dir = $dir/newcerts<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">database = $dir/index.txt<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">serial = $dir/serial<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">RANDFILE = $dir/private/.rand<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">private_key = $dir/private/intermediate.key<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">certificate = $dir/certs/intermediate.crt<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">crlnumber = $dir/crlnumber<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">crl = $dir/crl/intermediate.crl<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">crl_extensions = crl_ext<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">default_crl_days = 30<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">default_md = sha256<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">name_opt = ca_default<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">cert_opt = ca_default<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">default_days = 375<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">preserve = no<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">policy = policy_loose<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ policy_strict ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">countryName = match<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">stateOrProvinceName = match<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">organizationName = match<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">organizationalUnitName = optional<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">commonName = supplied<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">emailAddress = optional<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ policy_loose ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">countryName = optional<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">stateOrProvinceName = optional<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">localityName = optional<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">organizationName = optional<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">organizationalUnitName = optional<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">commonName = supplied<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">emailAddress = optional<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ req ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">default_bits = 2048<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">distinguished_name = req_distinguished_name<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">utf8 = yes<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">string_mask = utf8only<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">name_opt = multiline, -esc_msb, utf8<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">default_md = sha256<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">x509_extensions = v3_ca<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ req_distinguished_name ]<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">countryName = "1. Nom du pays (2 lettres) (Ex, CA) "<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">countryName_max = 2<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">countryName_default = CA<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">stateOrProvinceName = "2.
</span><span style="mso-fareast-language:EN-US">Nom de l'État ou de la province (Ex, Québec) "<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">stateOrProvinceName_default = Québec<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">localityName = "3. Nom de localité (Ex, Saguenay) "<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">localityName_default = Saguenay<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">organizationName = "4. Nom de l'organisation (Ex, Groupe Solutions TI) "<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">organizationName_default = Groupe Solutions TI Inc.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">organizationalUnitName = "5. Nom de l'unité organisationnelle (Ex, Service web) "<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">organizationalUnitName_default =<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">commonName = "6. Nom de la personne (Ex, Jean Tremblay) "<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">commonName_max = 64<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">commonName_default =<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">emailAddress = "7.
</span><span style="mso-fareast-language:EN-US">Adresse courriel (Ex, vous@domain.com "<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">emailAddress_max = 64<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">emailAddress_default =<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ issuer_section ]<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">O = Groupe Solutions TI Inc.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">CN = Groupe Solutions TI Inc. - Autorité TLS V3 Principal<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">C = CA<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">ST = Québec<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">L = Saguenay<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">streetAddress = 3-4109, Saint-Alexandre<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">postalCode = G8A 2H1<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">emailAddress = support@groupesti.com<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">telephoneNumber = +1 (418) 695-9007<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ v3_ca ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">subjectKeyIdentifier = hash<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">authorityKeyIdentifier = keyid:always,issuer<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">basicConstraints = critical, CA:true<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">keyUsage = critical, digitalSignature, cRLSign, keyCertSign<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ v3_intermediate_ca ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">subjectKeyIdentifier = hash<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">authorityKeyIdentifier = keyid:always,issuer<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">basicConstraints = critical, CA:true, pathlen:0<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">keyUsage = critical, digitalSignature, cRLSign, keyCertSign<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ usr_cert ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">basicConstraints = CA:FALSE<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">nsCertType = client, email<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">subjectKeyIdentifier = hash<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">authorityKeyIdentifier = keyid,issuer<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">extendedKeyUsage = clientAuth, emailProtection<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">SMIME-CAPS = ASN1:SEQUENCE:smime_seq<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">crlDistributionPoints = crl_section<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ Policy_usr_cert ]<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">policyIdentifier = GroupeSTIAssurance, GroupeSTIUser<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">CPS = http://cps.groupesti.com<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ server_cert ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">basicConstraints = CA:FALSE<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">nsCertType = server<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">subjectKeyIdentifier = hash<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">authorityKeyIdentifier = keyid, issuer:always<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">keyUsage = critical, digitalSignature, keyEncipherment<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">extendedKeyUsage = serverAuth<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">certificatePolicies = ia5org, @Cert_policy_server<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">crlDistributionPoints = crl_section<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ Cert_policy_server ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">policyIdentifier = GroupeSTIAssurance, GroupeSTIDevice<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">CPS.1 = http://cps.groupesti.com<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ crl_ext ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">authorityKeyIdentifier = keyid:always<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ crl_section ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">fullname = URI:http://pki.groupesti.com/ca.crl<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">CRLissuer = dirName:issuer_section<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">reasons = keyCompromise, CACompromise<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">authorityKeyIdentifier = keyid:always<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ ocsp ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">basicConstraints = CA:FALSE<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">subjectKeyIdentifier = hash<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">authorityKeyIdentifier = keyid, issuer<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">keyUsage = critical, digitalSignature<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">extendedKeyUsage = critical, OCSPSigning<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ smime_seq ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">SMIMECapability.0 = SEQWRAP, OID:sha1<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">SMIMECapability.1 = SEQWRAP, OID:sha256<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">SMIMECapability.2 = SEQWRAP, OID:sha1WithRSA<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">SMIMECapability.3 = SEQWRAP, OID:aes-256-ecb<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">SMIMECapability.4 = SEQWRAP, OID:aes-256-cbc<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">SMIMECapability.5 = SEQWRAP, OID:aes-256-ofb<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">SMIMECapability.6 = SEQWRAP, OID:aes-128-ecb<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">SMIMECapability.7 = SEQWRAP, OID:aes-128-cbc<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">SMIMECapability.8 = SEQWRAP, OID:aes-128-ecb<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">SMIMECapability.9 = SEQUENCE:rsa_enc<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">[ oids_section ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">GroupeSTIAssurance = 1.3.6.1.4.1.51063.0.1<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">GroupeSTIUser = 1.3.6.1.4.1.51063.0.1.0<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">GroupeSTIDevice = 1.3.6.1.4.1.51063.0.1.1<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US">GroupeSTIAssuranceEV = 1.3.6.1.4.1.51063.0.1.2<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="FR">De :</span></b><span lang="FR"> openssl-users <openssl-users-bounces@openssl.org>
<b>De la part de</b> Libor Chocholaty<br>
<b>Envoyé :</b> 6 avril 2020 16:42<br>
<b>À :</b> openssl-users@openssl.org<br>
<b>Objet :</b> Re: Help with certificatePolicies section<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">Hi,<o:p></o:p></span></p>
<p><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">could you share commands that led to this error?<o:p></o:p></span></p>
<p><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">It looks to me referenced non existent section in config file like as param "-extensions" option.<o:p></o:p></span></p>
<p><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">Regards,<br>
Libor<o:p></o:p></span></p>
<p><span style="font-size:10.0pt;font-family:"Verdana",sans-serif"><o:p> </o:p></span></p>
<p><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">On 2020-04-06 19:43, Richard Simard wrote:<o:p></o:p></span></p>
<blockquote style="border:none;border-left:solid #1010FF 1.5pt;padding:0cm 0cm 0cm 5.0pt;margin-left:0cm;margin-right:0cm">
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">Hi!<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">Anybody can help me whit this error?<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">Error Loading extension section server_cert<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">140091048477824:error:0E06D06C:configuration file routines:NCONF_get_string:no value:../crypto/conf/conf_lib.c:273:group=CA_default
name=email_in_dn<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">140091048477824:error:0E06D06C:configuration file routines:NCONF_get_string:no value:../crypto/conf/conf_lib.c:273:group=CA_default
name=rand_serial<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">140091048477824:error:0D06407A:asn1 encoding routines:a2d_ASN1_OBJECT:first num too large:../crypto/asn1/a_object.c:73:<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">140091048477824:error:2208306E:X509 V3 routines:policy_section:invalid object identifier:../crypto/x509v3/v3_cpols.c:183:section:Cert_policy_server,name:policyIdentifier,value:GroupeSTIAssurance,
GroupeSTIDevice<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">140091048477824:error:22098080:X509 V3 routines:X509V3_EXT_nconf:error in extension:../crypto/x509v3/v3_conf.c:47:name=certificatePolicies,
value=ia5org,1.3.6.1.4.1.51063,@Cert_policy_server<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">[ openssl_init ]<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">oid_section = oids_section<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">[ server_cert ]<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">basicConstraints = CA:FALSE<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">nsCertType = server<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">subjectKeyIdentifier = hash<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">authorityKeyIdentifier = keyid, issuer:always<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">keyUsage = critical, digitalSignature, keyEncipherment<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">extendedKeyUsage = serverAuth<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">certificatePolicies = ia5org, @Cert_policy_server<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">crlDistributionPoints = crl_section<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">[ Cert_policy_server ]<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">policyIdentifier = GroupeSTIAssurance, GroupeSTIDevice<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">CPS.1 =
<a href="http://cps.groupesti.com">http://cps.groupesti.com</a><o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">[ crl_section ]<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">fullname = URI:http://pki.groupesti.com/ca.crl<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">CRLissuer = dirName:issuer_section<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">reasons = keyCompromise, CACompromise<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">authorityKeyIdentifier = keyid:always<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">[ oids_section ]<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">GroupeSTIAssurance = 1.3.6.1.4.1.51063.0.1<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">GroupeSTIUser = 1.3.6.1.4.1.51063.0.1.0<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif">GroupeSTIDevice = 1.3.6.1.4.1.51063.0.1.1<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif"> <o:p></o:p></span></p>
</div>
</blockquote>
<p><span style="font-size:10.0pt;font-family:"Verdana",sans-serif"><o:p> </o:p></span></p>
</div>
</body>
</html>