openssl-env Settings

Below are the definitions for the openssl-env settings:
openssl-env Script
Fta-setup-env Setting
Description
CA_SUBJECT_COMMON_NAME
This is a descriptive name for the certificate authority.
SUBJECT_COUNTRY
This is typically a two character code ISO format country code used to identify the country where the certificate authority is located.
A reference for the valid country codes can be found at https://www.nationsonline.org/oneworld/country_c ode_list.htm.
SUBJECT_ORGANIZATION
This is the name of the organization that owns the certificate authority.
SUBJECT_STATE
The state or province for certificate authorities based in the United States or Canada.
SUBJECT_LOCALITY
The city where the organization owning the certificate authority is located.
SUBJECT_COMMON_NAME
The common name must contain the domain name used by the certificate authority and for each of the servers.
CERT_ROOT_DIRECTORY
By default, the CA and the signed certificates are stored in a directory called .fta-ca under the user’s home directory.
NOTE:
The root private key should be stored in a secure place, preferably offline, and access to the key should be limited to the user signing the certificates. If the key is not secure, the certificates signed with the key cannot be trusted.
CA_EXPIRATION_DAYS
The root keys generated for the CA expire over time. The default expiration period is 10 years. This can be adjusted as needed.
OPENSSL
The OPENSSL variable is used to define the location of the OpenSSL command line tool. It is required only for running the scripts on Windows.
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.