Allow certificate subject to _not_ be unique

2019-01-21 16:58:17 +01:00 · 2019-01-21 16:58:17 +01:00 · ad86051d63
commit ad86051d63
parent 8e73442e12
1 changed files with 3 additions and 0 deletions
--- a/easyrsa3/openssl-easyrsa.cnf
+++ b/easyrsa3/openssl-easyrsa.cnf
@ -32,6 +32,9 @@ default_crl_days= $ENV::EASYRSA_CRL_DAYS	# how long before next CRL
 default_md	= $ENV::EASYRSA_DIGEST		# use public key default MD
 preserve	= no			# keep passed DN ordering

+# This allows to renew certificates which have not been revoked
+unique_subject	= no
+
 # A few difference way of specifying how similar the request should look
 # For type CA, the listed attributes must be the same, and the optional
 # and supplied fields are just that :-)