]>
Commit | Line | Data |
---|---|---|
d02b48c6 RE |
1 | # |
2 | # SSLeay example configuration file. | |
3 | # This is mostly being used for generation of certificate requests. | |
4 | # | |
5 | ||
d02b48c6 RE |
6 | #################################################################### |
7 | [ ca ] | |
8 | default_ca = CA_default # The default ca section | |
9 | ||
10 | #################################################################### | |
11 | [ CA_default ] | |
12 | ||
13 | dir = ./demoCA # Where everything is kept | |
14 | certs = $dir/certs # Where the issued certs are kept | |
15 | crl_dir = $dir/crl # Where the issued crl are kept | |
16 | database = $dir/index.txt # database index file. | |
17 | new_certs_dir = $dir/new_certs # default place for new certs. | |
18 | ||
19 | certificate = $dir/CAcert.pem # The CA certificate | |
20 | serial = $dir/serial # The current serial number | |
21 | crl = $dir/crl.pem # The current CRL | |
22 | private_key = $dir/private/CAkey.pem# The private key | |
d02b48c6 RE |
23 | |
24 | default_days = 365 # how long to certify for | |
25 | default_crl_days= 30 # how long before next CRL | |
26 | default_md = md5 # which md to use. | |
27 | ||
28 | # A few difference way of specifying how similar the request should look | |
29 | # For type CA, the listed attributes must be the same, and the optional | |
30 | # and supplied fields are just that :-) | |
31 | policy = policy_match | |
32 | ||
33 | # For the CA policy | |
34 | [ policy_match ] | |
35 | countryName = match | |
36 | stateOrProvinceName = match | |
37 | organizationName = match | |
38 | organizationalUnitName = optional | |
39 | commonName = supplied | |
40 | emailAddress = optional | |
41 | ||
42 | # For the 'anything' policy | |
43 | # At this point in time, you must list all acceptable 'object' | |
44 | # types. | |
45 | [ policy_anything ] | |
46 | countryName = optional | |
47 | stateOrProvinceName = optional | |
48 | localityName = optional | |
49 | organizationName = optional | |
50 | organizationalUnitName = optional | |
51 | commonName = supplied | |
52 | emailAddress = optional | |
53 | ||
54 | #################################################################### | |
55 | [ req ] | |
fec66938 | 56 | default_bits = 2048 |
d02b48c6 RE |
57 | default_keyfile = testkey.pem |
58 | distinguished_name = req_distinguished_name | |
59 | encrypt_rsa_key = no | |
60 | ||
61 | [ req_distinguished_name ] | |
62 | countryName = Country Name (2 letter code) | |
63 | countryName_default = AU | |
64 | countryName_value = AU | |
65 | ||
66 | stateOrProvinceName = State or Province Name (full name) | |
67 | stateOrProvinceName_default = Queensland | |
68 | stateOrProvinceName_value = | |
69 | ||
70 | localityName = Locality Name (eg, city) | |
71 | localityName_value = Brisbane | |
72 | ||
73 | organizationName = Organization Name (eg, company) | |
74 | organizationName_default = | |
75 | organizationName_value = CryptSoft Pty Ltd | |
76 | ||
77 | organizationalUnitName = Organizational Unit Name (eg, section) | |
78 | organizationalUnitName_default = | |
79 | organizationalUnitName_value = . | |
80 | ||
81 | commonName = Common Name (eg, YOUR name) | |
82 | commonName_value = Eric Young | |
83 | ||
84 | emailAddress = Email Address | |
85 | emailAddress_value = eay@mincom.oz.au |