]>
Commit | Line | Data |
---|---|---|
d02b48c6 RE |
1 | # |
2 | # SSLeay example configuration file. | |
3 | # This is mostly being used for generation of certificate requests. | |
4 | # | |
5 | ||
d02b48c6 RE |
6 | #################################################################### |
7 | [ req ] | |
fec66938 | 8 | default_bits = 2048 |
d02b48c6 RE |
9 | default_keyfile = keySS.pem |
10 | distinguished_name = req_distinguished_name | |
11 | encrypt_rsa_key = no | |
12 | default_md = sha1 | |
13 | ||
14 | [ req_distinguished_name ] | |
15 | countryName = Country Name (2 letter code) | |
16 | countryName_default = AU | |
17 | countryName_value = AU | |
18 | ||
19 | organizationName = Organization Name (eg, company) | |
20 | organizationName_value = Dodgy Brothers | |
21 | ||
22 | commonName = Common Name (eg, YOUR name) | |
23 | commonName_value = Dodgy CA | |
4342c5c1 RL |
24 | |
25 | #################################################################### | |
26 | [ ca ] | |
27 | default_ca = CA_default # The default ca section | |
28 | ||
29 | #################################################################### | |
30 | [ CA_default ] | |
31 | ||
32 | dir = ./demoCA # Where everything is kept | |
33 | certs = $dir/certs # Where the issued certs are kept | |
34 | crl_dir = $dir/crl # Where the issued crl are kept | |
35 | database = $dir/index.txt # database index file. | |
36 | #unique_subject = no # Set to 'no' to allow creation of | |
5e355e0c | 37 | # several certificates with same subject. |
4342c5c1 RL |
38 | new_certs_dir = $dir/newcerts # default place for new certs. |
39 | ||
40 | certificate = $dir/cacert.pem # The CA certificate | |
41 | serial = $dir/serial # The current serial number | |
42 | crl = $dir/crl.pem # The current CRL | |
43 | private_key = $dir/private/cakey.pem# The private key | |
4342c5c1 | 44 | |
478b50cf | 45 | x509_extensions = v3_ca # The extensions to add to the cert |
4342c5c1 RL |
46 | |
47 | name_opt = ca_default # Subject Name options | |
48 | cert_opt = ca_default # Certificate field options | |
49 | ||
50 | default_days = 365 # how long to certify for | |
51 | default_crl_days= 30 # how long before next CRL | |
52 | default_md = md5 # which md to use. | |
53 | preserve = no # keep passed DN ordering | |
54 | ||
55 | policy = policy_anything | |
56 | ||
57 | [ policy_anything ] | |
58 | countryName = optional | |
59 | stateOrProvinceName = optional | |
60 | localityName = optional | |
61 | organizationName = optional | |
62 | organizationalUnitName = optional | |
63 | commonName = supplied | |
64 | emailAddress = optional | |
65 | ||
66 | ||
67 | ||
68 | [ v3_ca ] | |
69 | subjectKeyIdentifier=hash | |
70 | authorityKeyIdentifier=keyid:always,issuer:always | |
a7be5759 | 71 | basicConstraints = critical,CA:true,pathlen:1 |
6951c23a RL |
72 | keyUsage = cRLSign, keyCertSign |
73 | issuerAltName=issuer:copy |