[ ca ]
default_ca = IPFire
-[ IPCop ]
+[ IPFire ]
dir = /var/ipfire
certs = $dir/certs
-crl_dir = $dir/crls
+crl_dir = $dir/crls
database = $dir/certs/index.txt
new_certs_dir = $dir/certs
certificate = $dir/ca/cacert.pem
x509_extensions = usr_cert
default_days = 999999
default_crl_days= 30
-default_md = md5
+default_md = sha256
preserve = no
policy = policy_match
email_in_dn = no
emailAddress = optional
[ req ]
-default_bits = 1024
+default_bits = 2048
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
-countryName_default = GB
-countryName_min = 2
-countryName_max = 2
+countryName_default = DE
+countryName_min = 2
+countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default =
#localityName_default =
0.organizationName = Organization Name (eg, company)
-0.organizationName_default = My Company Ltd
+0.organizationName_default = IPFire
organizationalUnitName = Organizational Unit Name (eg, section)
#organizationalUnitName_default =
commonName = Common Name (eg, your name or your server\'s hostname)
-commonName_max = 64
+commonName_max = 64
emailAddress = Email Address
emailAddress_max = 40
[ req_attributes ]
challengePassword = A challenge password
-challengePassword_min = 4
-challengePassword_max = 20
+challengePassword_min = 4
+challengePassword_max = 20
unstructuredName = An optional company name
[ usr_cert ]
projects / people / pmueller / ipfire-2.x.git / blobdiff