I don't know if I can post questions frequently. I apologize in advance for your understanding. Also, thank you for answering my existing questions. I'm trying to figure out exactly what the certificate consists of. Currently, both certificate issuance and certificate authentication are available. However, while studying how to set it up "properly," I had a question about the ca.cnf file. As far as I can see, if you specify policy_match in the policy of server.cnf, it will be compared with the CA certificate based on the [policy_match] section to decide whether to generate it or not. However, the policy in ca.cnf Specifying policy_match and changing the settings in the policy_match section didn't cause any problems. What is the significance of this section's existence? PS) This is my first time using this site. Can I only receive emails about the questions I asked? Unless you opt out of receiving all emails, there is a problem because all posts are sent via email no matter what settings you change.