Home Explore Help
Sign In
OWEALs
/
openssl
mirror of git://git.openssl.org/openssl.git
2
0
Fork 0
Files Issues 1 Wiki
Tree: f529b5cf05
Branches Tags
openssl
/
test
/
CAss.cnf

CAss.cnf 2.2 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576 
  1. #
    2. 

  2. # SSLeay example configuration file.
    3. 

  3. # This is mostly being used for generation of certificate requests.
    4. 

  4. #
    5. 

  5. 

  6. RANDFILE		= ./.rnd
    7. 

  7. 

  8. ####################################################################
    9. 

  9. [ req ]
    10. 

  10. default_bits		= 2048
    11. 

  11. default_keyfile 	= keySS.pem
    12. 

  12. distinguished_name	= req_distinguished_name
    13. 

  13. encrypt_rsa_key		= no
    14. 

  14. default_md		= sha1
    15. 

  15. 

  16. [ req_distinguished_name ]
    17. 

  17. countryName			= Country Name (2 letter code)
    18. 

  18. countryName_default		= AU
    19. 

  19. countryName_value		= AU
    20. 

  20. 

  21. organizationName		= Organization Name (eg, company)
    22. 

  22. organizationName_value		= Dodgy Brothers
    23. 

  23. 

  24. commonName			= Common Name (eg, YOUR name)
    25. 

  25. commonName_value		= Dodgy CA
    26. 

  26. 

  27. ####################################################################
    28. 

  28. [ ca ]
    29. 

  29. default_ca	= CA_default		# The default ca section
    30. 

  30. 

  31. ####################################################################
    32. 

  32. [ CA_default ]
    33. 

  33. 

  34. dir		= ./demoCA		# Where everything is kept
    35. 

  35. certs		= $dir/certs		# Where the issued certs are kept
    36. 

  36. crl_dir		= $dir/crl		# Where the issued crl are kept
    37. 

  37. database	= $dir/index.txt	# database index file.
    38. 

  38. #unique_subject	= no			# Set to 'no' to allow creation of
    39. 

  39. 					# several certificates with same subject.
    40. 

  40. new_certs_dir	= $dir/newcerts		# default place for new certs.
    41. 

  41. 

  42. certificate	= $dir/cacert.pem 	# The CA certificate
    43. 

  43. serial		= $dir/serial 		# The current serial number
    44. 

  44. crl		= $dir/crl.pem 		# The current CRL
    45. 

  45. private_key	= $dir/private/cakey.pem# The private key
    46. 

  46. RANDFILE	= $dir/private/.rand	# private random number file
    47. 

  47. 

  48. x509_extensions	= v3_ca			# The extensions to add to the cert
    49. 

  49. 

  50. name_opt 	= ca_default		# Subject Name options
    51. 

  51. cert_opt 	= ca_default		# Certificate field options
    52. 

  52. 

  53. default_days	= 365			# how long to certify for
    54. 

  54. default_crl_days= 30			# how long before next CRL
    55. 

  55. default_md	= md5			# which md to use.
    56. 

  56. preserve	= no			# keep passed DN ordering
    57. 

  57. 

  58. policy		= policy_anything
    59. 

  59. 

  60. [ policy_anything ]
    61. 

  61. countryName		= optional
    62. 

  62. stateOrProvinceName	= optional
    63. 

  63. localityName		= optional
    64. 

  64. organizationName	= optional
    65. 

  65. organizationalUnitName	= optional
    66. 

  66. commonName		= supplied
    67. 

  67. emailAddress		= optional
    68. 

  68. 

  69. 

  70. 

  71. [ v3_ca ]
    72. 

  72. subjectKeyIdentifier=hash
    73. 

  73. authorityKeyIdentifier=keyid:always,issuer:always
    74. 

  74. basicConstraints = critical,CA:true,pathlen:1
    75. 

  75. keyUsage = cRLSign, keyCertSign
    76. 

  76. issuerAltName=issuer:copy
    77.