]>
Commit | Line | Data |
---|---|---|
d02b48c6 RE |
1 | # |
2 | # SSLeay example configuration file. | |
3 | # This is mostly being used for generation of certificate requests. | |
4 | # | |
5 | ||
6 | RANDFILE = ./.rnd | |
7 | ||
8 | #################################################################### | |
9 | [ req ] | |
fec66938 | 10 | default_bits = 2048 |
d02b48c6 RE |
11 | default_keyfile = keySS.pem |
12 | distinguished_name = req_distinguished_name | |
13 | encrypt_rsa_key = no | |
14 | default_md = sha1 | |
15 | ||
16 | [ req_distinguished_name ] | |
17 | countryName = Country Name (2 letter code) | |
18 | countryName_default = AU | |
19 | countryName_value = AU | |
20 | ||
21 | organizationName = Organization Name (eg, company) | |
22 | organizationName_value = Dodgy Brothers | |
23 | ||
24 | commonName = Common Name (eg, YOUR name) | |
25 | commonName_value = Dodgy CA | |
4342c5c1 RL |
26 | |
27 | #################################################################### | |
28 | [ ca ] | |
29 | default_ca = CA_default # The default ca section | |
30 | ||
31 | #################################################################### | |
32 | [ CA_default ] | |
33 | ||
34 | dir = ./demoCA # Where everything is kept | |
35 | certs = $dir/certs # Where the issued certs are kept | |
36 | crl_dir = $dir/crl # Where the issued crl are kept | |
37 | database = $dir/index.txt # database index file. | |
38 | #unique_subject = no # Set to 'no' to allow creation of | |
39 | # several ctificates with same subject. | |
40 | new_certs_dir = $dir/newcerts # default place for new certs. | |
41 | ||
42 | certificate = $dir/cacert.pem # The CA certificate | |
43 | serial = $dir/serial # The current serial number | |
44 | crl = $dir/crl.pem # The current CRL | |
45 | private_key = $dir/private/cakey.pem# The private key | |
46 | RANDFILE = $dir/private/.rand # private random number file | |
47 | ||
478b50cf | 48 | x509_extensions = v3_ca # The extensions to add to the cert |
4342c5c1 RL |
49 | |
50 | name_opt = ca_default # Subject Name options | |
51 | cert_opt = ca_default # Certificate field options | |
52 | ||
53 | default_days = 365 # how long to certify for | |
54 | default_crl_days= 30 # how long before next CRL | |
55 | default_md = md5 # which md to use. | |
56 | preserve = no # keep passed DN ordering | |
57 | ||
58 | policy = policy_anything | |
59 | ||
60 | [ policy_anything ] | |
61 | countryName = optional | |
62 | stateOrProvinceName = optional | |
63 | localityName = optional | |
64 | organizationName = optional | |
65 | organizationalUnitName = optional | |
66 | commonName = supplied | |
67 | emailAddress = optional | |
68 | ||
69 | ||
70 | ||
71 | [ v3_ca ] | |
72 | subjectKeyIdentifier=hash | |
73 | authorityKeyIdentifier=keyid:always,issuer:always | |
6951c23a RL |
74 | basicConstraints = CA:true,pathlen:1 |
75 | keyUsage = cRLSign, keyCertSign | |
76 | issuerAltName=issuer:copy |