Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.
- Files must be saved using the UTF-8 encoding, with no BOM and UNIX line
terminators. OpenSSL configuration files must have a copyright header (see
openssl_root_ca.cnffor an example). - Follow the code style of existing configuration files.
- Use
example.comfor domains,http://myca.example.comfor URLs,My CAas theorganizationNameof the CA andITas the CAcountryName. - Additional OIDs should go in the
additional_oidsfile. - OIDs asserting compliance with CA/Browser Forum or CA store guidelines must not be included explicitly, but rather written as comments next to the row where they should go. This will prevent people that download the files and use them for internal CAs from asserting compliance, even when the validation practices they adopt differ from the ones mandated by the guidelines.
- A test suite (which will be set up shortly) will automatically check the
compliance of certificates generated using the profiles of this project with
cablint. Your pull request should make the test suite pass. - Please note that making the test suite pass is not enough. The checks
performed by
cablintat this time are less stringent than the ones mandated by the [Requirements summary](Requirements summary.md). You should still check your proposed modifications against the reference documents listed there.