os/security/cryptoservices/certificateandkeymgmt/testcertificates/openssl/openssl.config
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/security/cryptoservices/certificateandkeymgmt/testcertificates/openssl/openssl.config Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,187 @@
1.4 +# openssl.config
1.5 +#
1.6 +# Config file for OpenSSL CA
1.7 +
1.8 +[ ca ]
1.9 +
1.10 +default_ca = ca_default # The default ca section
1.11 +
1.12 +[ Root1 ]
1.13 +
1.14 +dir = Root1
1.15 +database = $dir\\index.txt # index file.
1.16 +new_certs_dir = $dir\\certs # new certs dir
1.17 +
1.18 +certificate = $dir\\certs\\ca.pem # The CA cert
1.19 +serial = $dir\\serial # serial no file
1.20 +private_key = $dir\\private\\ca.key.pem # CA private key
1.21 +RANDFILE = $dir\\private\\.rand # random number file
1.22 +
1.23 +default_days = 365 # how long to certify for
1.24 +default_crl_days= 30 # how long before next CRL
1.25 +default_md = md5 # md to use
1.26 +
1.27 +policy = ca_policy # our policy
1.28 +email_in_dn = no # Don't add the email into cert DN
1.29 +
1.30 +nameopt = default_ca # Subject name display option
1.31 +certopt = default_ca # Certificate display option
1.32 +copy_extensions = none # Don't copy extensions from request
1.33 +
1.34 +distinguished_name = root_ca_distinguished_name
1.35 +
1.36 +
1.37 +[ Root2 ]
1.38 +
1.39 +dir = Root2
1.40 +database = $dir\\index.txt # index file.
1.41 +new_certs_dir = $dir\\certs # new certs dir
1.42 +
1.43 +certificate = $dir\\certs\\ca.pem # The CA cert
1.44 +serial = $dir\\serial # serial no file
1.45 +private_key = $dir\\private\\ca.key.pem # CA private key
1.46 +RANDFILE = $dir\\private\\.rand # random number file
1.47 +
1.48 +default_days = 365 # how long to certify for
1.49 +default_crl_days= 30 # how long before next CRL
1.50 +default_md = sha1 # md to use
1.51 +
1.52 +policy = ca_policy # our policy
1.53 +email_in_dn = no # Don't add the email into cert DN
1.54 +
1.55 +nameopt = default_ca # Subject name display option
1.56 +certopt = default_ca # Certificate display option
1.57 +copy_extensions = none # Don't copy extensions from request
1.58 +
1.59 +
1.60 +[ Root5]
1.61 +
1.62 +dir = Root5
1.63 +database = $dir\\index.txt # index file.
1.64 +new_certs_dir = $dir\\certs # new certs dir
1.65 +
1.66 +certificate = $dir\\certs\\ca.pem # The CA cert
1.67 +serial = $dir\\serial # serial no file
1.68 +private_key = $dir\\private\\ca.key.pem # CA private key
1.69 +RANDFILE = $dir\\private\\.rand # random number file
1.70 +
1.71 +default_days = 365 # how long to certify for
1.72 +default_crl_days= 30 # how long before next CRL
1.73 +default_md = md5 # md to use
1.74 +
1.75 +policy = ca_policy # our policy
1.76 +email_in_dn = no # Don't add the email into cert DN
1.77 +
1.78 +nameopt = default_ca # Subject name display option
1.79 +certopt = default_ca # Certificate display option
1.80 +copy_extensions = none # Don't copy extensions from request
1.81 +
1.82 +
1.83 +[ Root5-Mid ]
1.84 +dir = Root5-Mid
1.85 +database = $dir\\index.txt # index file.
1.86 +new_certs_dir = $dir\\certs # new certs dir
1.87 +
1.88 +certificate = $dir\\certs\\Mid-R5.pem # The CA cert
1.89 +serial = $dir\\serial # serial no file
1.90 +private_key = $dir\\private\\Mid-R5.key.pem # CA private key
1.91 +RANDFILE = $dir\\private\\.rand # random number file
1.92 +
1.93 +default_days = 365 # how long to certify for
1.94 +default_crl_days= 30 # how long before next CRL
1.95 +default_md = md5 # md to use
1.96 +
1.97 +policy = ca_policy # our policy
1.98 +email_in_dn = no # Don't add the email into cert DN
1.99 +
1.100 +nameopt = default_ca # Subject name display option
1.101 +certopt = default_ca # Certificate display option
1.102 +copy_extensions = none # Don't copy extensions from request
1.103 +
1.104 +
1.105 +
1.106 +[ Root3-OCSP ]
1.107 +
1.108 +dir = Root3-OCSP
1.109 +database = $dir\\index.txt # index file.
1.110 +new_certs_dir = $dir\\certs # new certs dir
1.111 +
1.112 +certificate = $dir\\certs\\ca.pem # The CA cert
1.113 +serial = $dir\\serial # serial no file
1.114 +private_key = $dir\\private\\ca.key.pem # CA private key
1.115 +RANDFILE = $dir\\private\\.rand # random number file
1.116 +
1.117 +default_days = 365 # how long to certify for
1.118 +default_crl_days= 30 # how long before next CRL
1.119 +default_md = md5 # md to use
1.120 +
1.121 +policy = ca_policy # our policy
1.122 +email_in_dn = no # Don't add the email into cert DN
1.123 +
1.124 +nameopt = default_ca # Subject name display option
1.125 +certopt = default_ca # Certificate display option
1.126 +copy_extensions = none # Don't copy extensions from request
1.127 +
1.128 +
1.129 +[ OCSPSigningRoot ]
1.130 +
1.131 +dir = OCSPSigningRoot
1.132 +database = $dir\\index.txt # index file.
1.133 +new_certs_dir = $dir\\certs # new certs dir
1.134 +
1.135 +certificate = $dir\\certs\\ca.pem # The CA cert
1.136 +serial = $dir\\serial # serial no file
1.137 +private_key = $dir\\private\\ca.key.pem # CA private key
1.138 +RANDFILE = $dir\\private\\.rand # random number file
1.139 +
1.140 +default_days = 365 # how long to certify for
1.141 +default_crl_days= 30 # how long before next CRL
1.142 +default_md = sha1 # md to use
1.143 +
1.144 +policy = ca_policy # our policy
1.145 +email_in_dn = no # Don't add the email into cert DN
1.146 +
1.147 +nameopt = default_ca # Subject name display option
1.148 +certopt = default_ca # Certificate display option
1.149 +copy_extensions = none # Don't copy extensions from request
1.150 +
1.151 +
1.152 +[ Root5_Root_Ext ]
1.153 +keyUsage=critical,keyCertSign
1.154 +basicConstraints=critical,CA:TRUE, pathlen:5
1.155 +subjectKeyIdentifier=hash
1.156 +
1.157 +[ Root5_Ext ]
1.158 +extendedKeyUsage=codeSigning
1.159 +certificatePolicies=1.2.826.0.1.1796587.1
1.160 +
1.161 +[ Root5_Mid ]
1.162 +keyUsage=critical,keyCertSign
1.163 +basicConstraints=critical,CA:TRUE, pathlen:5
1.164 +subjectKeyIdentifier=hash
1.165 +
1.166 +[ Root5_Mid_EE ]
1.167 +extendedKeyUsage=codeSigning
1.168 +certificatePolicies=1.2.826.0.1.1796587.1
1.169 +basicConstraints=critical,CA:FALSE
1.170 +
1.171 +
1.172 +[ NoOCSP_Ext ]
1.173 +1.3.6.1.5.5.7.48.1.5=DER:0500
1.174 +
1.175 +
1.176 +[ req ]
1.177 +distinguished_name = root_ca_distinguished_name
1.178 +
1.179 +[ ca_policy ]
1.180 +
1.181 +organizationName = supplied
1.182 +commonName = supplied
1.183 +
1.184 +
1.185 +[ root_ca_distinguished_name ]
1.186 + commonName = Symbian Software Ltd
1.187 + stateOrProvinceName = London
1.188 + countryName = UK
1.189 + emailAddress = Jeremy.Smithers@Symbian.com
1.190 + organizationName = Symbian Software Ltd