Lines Matching +full:multi +full:- +full:address
18 .\" Set up some character translations and predefined strings. \*(-- will
24 .tr \(*W-
27 . ds -- \(*W-
29 . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30 . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
37 . ds -- \|\(em\|
71 .\" Fear. Run. Save yourself. No user-serviceable parts.
81 . ds #H ((1u-(\\\\n(.fu%2u))*.13m)
97 . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
98 . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
99 . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
100 . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
101 . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
102 . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
104 . \" troff and (daisy-wheel) nroff accents
123 . ds d- d\h'-1'\(ga
124 . ds D- D\h'-1'\(hy
134 .TH X509V3_CONFIG 5ossl "2023-09-19" "3.0.11" "OpenSSL"
140 x509v3_config \- X509 V3 certificate extension configuration format
145 and \s-1CLI\s0 options such as \fB\-addext\fR.
166 type-value pairing where the type and value are separated by a colon.
171 \& multi\-valued
181 Multi-valued extensions have a short form and a long form. The short form
182 is a comma-separated list of names and values:
201 If an extension is multi-value and a field value must contain a comma the long
250 must be used, see the \*(L"\s-1ARBITRARY EXTENSIONS\*(R"\s0 section for more details.
257 This is a multi-valued extension which indicates whether a certificate is
258 a \s-1CA\s0 certificate. The first value is \fB\s-1CA\s0\fR followed by \fB\s-1TRUE\s0\fR or
259 \&\fB\s-1FALSE\s0\fR. If \fB\s-1CA\s0\fR is \fB\s-1TRUE\s0\fR then an optional \fBpathlen\fR name f…
272 A \s-1CA\s0 certificate \fImust\fR include the \fBbasicConstraints\fR name with the \fB\s-1CA\s0\fR
273 parameter set to \fB\s-1TRUE\s0\fR. An end-user certificate must either have \fB\s-1CA:FALSE\s0\fR
276 below this one in a chain. A \fBpathlen\fR of zero means the \s-1CA\s0 cannot sign
277 any sub-CA's, and can only sign end-entity certificates.
280 Key usage is a multi-valued extension consisting of a list of names of
296 Each value can be either a short text name or an \s-1OID.\s0
301 \& \-\-\-\-\- \-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-
305 \& emailProtection E\-mail Protection (S/MIME)
315 While \s-1IETF RFC 5280\s0 says that \fBid-kp-serverAuth\fR and \fBid-kp-clientAuth\fR
316 are only for \s-1WWW\s0 use, in practice they are used for all kinds of \s-1TLS\s0 clients
328 The \s-1SKID\s0 extension specification has a value with three choices.
329 If the value is the word \fBnone\fR then no \s-1SKID\s0 extension will be included.
331 \&\fBca\fR apps, the process specified in \s-1RFC 5280\s0 section 4.2.1.2. (1) is followed:
332 The keyIdentifier is composed of the 160\-bit \s-1SHA\-1\s0 hash of the value of the \s-1BIT
345 The \s-1AKID\s0 extension specification may have the value \fBnone\fR
346 indicating that no \s-1AKID\s0 shall be included.
351 For self-signed certificates the \s-1AKID\s0 is suppressed unless \fBalways\fR is present.
353 \&\*(L"none\*(R" was given for self-signed certificates and \*(L"keyid, issuer\*(R" otherwise.
356 copy the subject key identifier (\s-1SKID\s0) from the issuer certificate except if
357 the issuer certificate is the same as the current one and it is not self-signed.
364 then the issuer \s-1DN\s0 and serial number are copied from the issuer certificate.
375 This is a multi-valued extension that supports several types of name
377 \&\fBemail\fR (an email address),
378 \&\fB\s-1URI\s0\fR (a uniform resource indicator),
379 \&\fB\s-1DNS\s0\fR (a \s-1DNS\s0 domain name),
380 \&\fB\s-1RID\s0\fR (a registered \s-1ID: OBJECT IDENTIFIER\s0),
381 \&\fB\s-1IP\s0\fR (an \s-1IP\s0 address),
392 The \s-1IP\s0 address used in the \fB\s-1IP\s0\fR option can be in either IPv4 or IPv6 format.
395 the distinguished name to use, as a set of name-value pairs.
396 Multi-valued AVAs can be formed by prefacing the name with a \fB+\fR character.
398 The value of \fBotherName\fR can include arbitrary data associated with an \s-1OID\s0;
399 the value should be the \s-1OID\s0 followed by a semicolon and the content in specified
425 Non-ASCII Email Address conforming the syntax defined in Section 3.3 of \s-1RFC 6531\s0
426 are provided as otherName.SmtpUTF8Mailbox. According to \s-1RFC 8398,\s0 the email
427 address should be provided as UTF8String. To enforce the valid representation in
450 related to the certificate that the \s-1CA\s0 makes available. The syntax is
452 (although only a few values are well-known) and \fBlocation\fR has the same
455 Possible values for access_id include \fB\s-1OCSP\s0\fR (\s-1OCSP\s0 responder),
456 \&\fBcaIssuers\fR (\s-1CA\s0 Issuers),
457 \&\fBad_timestamping\fR (\s-1AD\s0 Time Stamping),
458 \&\fB\s-1AD_DVCS\s0\fR (ad dvcs),
459 \&\fBcaRepository\fR (\s-1CA\s0 Repository).
468 .SS "\s-1CRL\s0 distribution points"
470 This is a multi-valued extension whose values can be either a name-value
474 When a name-value pair is used, a DistributionPoint extension will
493 A multi-value field that contains the reasons for revocation. The recognized
526 This extension should only appear in CRLs. It is a multi-valued extension
527 whose syntax is similar to the \*(L"section\*(R" pointed to by the \s-1CRL\s0 distribution
539 A multi-value field that contains the reasons for revocation. The recognized
563 Policies without qualifiers are specified by giving the \s-1OID.\s0
564 Multiple policies are comma-separated. For example:
573 The section referred to must include the policy \s-1OID\s0 using the name
592 (if included) must \s-1BOTH\s0 be present. Some software might require
615 value with \fB\s-1UTF8\s0\fR, \fB\s-1BMP\s0\fR, or \fB\s-1VISIBLE\s0\fR followed by colon. For exam…
623 This is a multi-valued extension which consisting of the names
643 This is a multi-valued extension. The name should
647 is not supported and the \fB\s-1IP\s0\fR form should consist of an \s-1IP\s0 addresses and
659 .SS "\s-1OCSP\s0 No Check"
668 .SS "\s-1TLS\s0 Feature (aka Must Staple)"
670 This is a multi-valued extension consisting of a list of \s-1TLS\s0 extension
672 When a \s-1TLS\s0 client sends a listed extension, the \s-1TLS\s0 server is expected to
695 This is a multi-valued extensions which consists of a list of flags to be
711 The first way is to use the word \s-1ASN1\s0 followed by the extension content
725 It is also possible to use the word \s-1DER\s0 to include the raw encoded data in any
733 The value following \s-1DER\s0 is a hex dump of the \s-1DER\s0 encoding of the extension
747 The \s-1DER\s0 and \s-1ASN1\s0 options should be used with caution. It is possible to create
751 \&\fBopenssl\-req\fR\|(1), \fBopenssl\-ca\fR\|(1), \fBopenssl\-x509\fR\|(1),
755 Copyright 2004\-2023 The OpenSSL Project Authors. All Rights Reserved.
759 in the file \s-1LICENSE\s0 in the source distribution or at