| 123456789101112131415161718192021222324252627282930313233343536373839404142 |
- #
- # openssl configuration file for OCSP certificates
- #
- # Extensions to add to a certificate request (intermediate1-ca)
- [ v3_req1 ]
- basicConstraints = CA:false
- subjectKeyIdentifier = hash
- authorityKeyIdentifier = keyid:always,issuer:always
- keyUsage = nonRepudiation, digitalSignature, keyEncipherment
- authorityInfoAccess = OCSP;URI:http://127.0.0.1:22221
- # Extensions to add to a certificate request (intermediate2-ca)
- [ v3_req2 ]
- basicConstraints = CA:false
- subjectKeyIdentifier = hash
- authorityKeyIdentifier = keyid:always,issuer:always
- keyUsage = nonRepudiation, digitalSignature, keyEncipherment
- authorityInfoAccess = OCSP;URI:http://127.0.0.1:22222
- # Extensions to add to a certificate request (intermediate3-ca)
- [ v3_req3 ]
- basicConstraints = CA:false
- subjectKeyIdentifier = hash
- authorityKeyIdentifier = keyid:always,issuer:always
- keyUsage = nonRepudiation, digitalSignature, keyEncipherment
- authorityInfoAccess = OCSP;URI:http://127.0.0.1:22223
- # Extensions for a typical CA
- [ v3_ca ]
- basicConstraints = CA:true
- subjectKeyIdentifier = hash
- authorityKeyIdentifier = keyid:always,issuer:always
- keyUsage = keyCertSign, cRLSign
- authorityInfoAccess = OCSP;URI:http://127.0.0.1:22220
- # OCSP extensions.
- [ v3_ocsp ]
- basicConstraints = CA:false
- subjectKeyIdentifier = hash
- authorityKeyIdentifier = keyid:always,issuer:always
- extendedKeyUsage = OCSPSigning
|
