|
sl@0
|
1 |
[Root5CA]
|
|
sl@0
|
2 |
|
|
sl@0
|
3 |
database = index.txt # index file.
|
|
sl@0
|
4 |
new_certs_dir = . # new certs dir
|
|
sl@0
|
5 |
|
|
sl@0
|
6 |
certificate = ../root5ca.pem # The CA cert
|
|
sl@0
|
7 |
serial = serial # serial no file
|
|
sl@0
|
8 |
private_key = ../root5ca_key.pem # CA private key
|
|
sl@0
|
9 |
RANDFILE = rand # random number file
|
|
sl@0
|
10 |
|
|
sl@0
|
11 |
default_days = 365 # how long to certify for
|
|
sl@0
|
12 |
default_crl_days= 30 # how long before next CRL
|
|
sl@0
|
13 |
default_md = md5 # md to use
|
|
sl@0
|
14 |
|
|
sl@0
|
15 |
policy = policy_any # default policy
|
|
sl@0
|
16 |
email_in_dn = no # Don't add the email into cert DN
|
|
sl@0
|
17 |
|
|
sl@0
|
18 |
name_opt = ca_default # Subject name display option
|
|
sl@0
|
19 |
cert_opt = ca_default # Certificate display option
|
|
sl@0
|
20 |
copy_extensions = none # Don't copy extensions from request
|
|
sl@0
|
21 |
|
|
sl@0
|
22 |
[policy_any]
|
|
sl@0
|
23 |
countryName = supplied
|
|
sl@0
|
24 |
stateOrProvinceName = optional
|
|
sl@0
|
25 |
organizationName = optional
|
|
sl@0
|
26 |
organizationalUnitName = optional
|
|
sl@0
|
27 |
commonName = supplied
|
|
sl@0
|
28 |
emailAddress = optional
|
|
sl@0
|
29 |
|
|
sl@0
|
30 |
[ca_policy]
|
|
sl@0
|
31 |
organizationName = supplied
|
|
sl@0
|
32 |
commonName = supplied
|
|
sl@0
|
33 |
|
|
sl@0
|
34 |
[Signing_Extensions]
|
|
sl@0
|
35 |
extendedKeyUsage=codeSigning
|