--- loncom/CrCA.pl	2023/05/14 18:44:57	1.5
+++ loncom/CrCA.pl	2023/05/14 19:11:47	1.6
@@ -2,7 +2,7 @@
 # The LearningOnline Network with CAPA
 # Script to create a Certificate Authority (CA) for a LON-CAPA cluster.
 #
-# $Id: CrCA.pl,v 1.5 2023/05/14 18:44:57 raeburn Exp $
+# $Id: CrCA.pl,v 1.6 2023/05/14 19:11:47 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -258,6 +258,7 @@ x509_extensions  = certificate_extension
 [ loncapa_policy ]
 
 commonName           = supplied
+localityName         = supplied
 stateOrProvinceName  = supplied
 countryName          = supplied
 emailAddress         = supplied
@@ -272,6 +273,10 @@ crlDistributionPoints = URI:http://$clus
 [ req ]
 
 default_bits       = 2048
+default_md         = sha256
+default_keyfile    = $dir/lonca/private/cakey.pem
+
+prompt             = no
 distinguished_name = loncapa_ca
 
 x509_extensions    = loncapa_ca_extensions
@@ -294,7 +299,7 @@ authorityKeyIdentifier=keyid:always,issu
 
 
 END
-
+         close($fh);
       } else {
           print 'Error: failed to wtite to '."$dir/lonca/opensslca.conf. Exiting.\n";
           exit;