From 956a91c7229e006e6453ff0d9b08e880c0564d3d Mon Sep 17 00:00:00 2001
From: Jakub Czajka <jakub@ekhem.eu.org>
Date: Thu, 4 May 2023 22:14:40 +0200
Subject: [PATCH] [ca] Set main paths.

---
 ca/ca.cnf | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/ca/ca.cnf b/ca/ca.cnf
index df53c3c..bc13b8b 100644
--- a/ca/ca.cnf
+++ b/ca/ca.cnf
@@ -45,7 +45,7 @@ default_ca      = CA_default            # The default ca section
 ####################################################################
 [ CA_default ]
 
-dir             = ./demoCA              # Where everything is kept
+dir             = ${ENV::ca_dir}        # Where everything is kept
 certs           = $dir/certs            # Where the issued certs are kept
 crl_dir         = $dir/crl              # Where the issued crl are kept
 database        = $dir/index.txt        # database index file.
@@ -53,12 +53,12 @@ database        = $dir/index.txt        # database index file.
                                         # several certs with same subject.
 new_certs_dir   = $dir/newcerts         # default place for new certs.
 
-certificate     = $dir/cacert.pem       # The CA certificate
+certificate     = $dir/ca.pem           # The CA certificate
 serial          = $dir/serial           # The current serial number
 crlnumber       = $dir/crlnumber        # the current crl number
                                         # must be commented out to leave a V1 CRL
 crl             = $dir/crl.pem          # The current CRL
-private_key     = $dir/private/cakey.pem# The private key
+private_key     = $dir/private/ca.key   # The private key
 
 x509_extensions = usr_cert              # The extensions to add to the cert
 
@@ -328,14 +328,14 @@ default_tsa = tsa_config1       # the default TSA section
 [ tsa_config1 ]
 
 # These are used by the TSA reply generation only.
-dir             = ./demoCA              # TSA root directory
+dir             = ${ENV::ca_dir}        # TSA root directory
 serial          = $dir/tsaserial        # The current serial number (mandatory)
 crypto_device   = builtin               # OpenSSL engine to use for signing
 signer_cert     = $dir/tsacert.pem      # The TSA signing certificate
                                         # (optional)
-certs           = $dir/cacert.pem       # Certificate chain to include in reply
+certs           = $dir/ca.pem           # Certificate chain to include in reply
                                         # (optional)
-signer_key      = $dir/private/tsakey.pem # The TSA private key (optional)
+signer_key      = $dir/private/tsa.key  # The TSA private key (optional)
 signer_digest  = sha256                 # Signing digest to use. (Optional)
 default_policy  = tsa_policy1           # Policy if request did not specify it
                                         # (optional)
-- 
2.39.5