CRL="
crlDistributionPoints=URI:http://g2.crl.cacert.org/g2/$year/env-1.crl
-authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/$year/env-1.crt"
+authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/g2/$year/env-1.crt"
cat <<TESTCA > req.cnf
basicConstraints = critical,CA:false
authorityKeyIdentifier = keyid:always
crlDistributionPoints=URI:http://g2.crl.cacert.org/g2/root.crl
-authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/root.crt
+authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/g2/root.crt
TESTCA
cat <<TESTCA > subca.cnf
authorityKeyIdentifier = keyid:always
crlDistributionPoints=URI:http://g2.crl.cacert.org/g2/root.crl
-authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/root.crt
+authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/g2/root.crt
TESTCA
authorityKeyIdentifier = keyid:always
crlDistributionPoints=URI:http://g2.crl.cacert.org/g2/$2.crl
-authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/$2.crt
+authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/g2/$2.crt
TESTCA
caSign $1 $2 timesubca.cnf "$3" "$4"
rm timesubca.cnf
[ -f config ] && . ./config
STRUCT_CAS="env unassured assured codesign orga orgaSign"
-SERVER_KEYS="api secure www static signer_server signer_client"
+SERVER_KEYS="api secure www static signer_server signer_client mail"
TIME_IDX="1 2"
points[1]="0101000000Z"
points[2]="0601000000Z"