Symaptic: os/security/cryptoservices/certificateandkeymgmt/testcertificates/openssl/openssl.config@bde4ae8d615e

     1 # openssl.config

2 #

     3 # Config file for OpenSSL CA

     5 [ ca ]

     7 default_ca      = ca_default            # The default ca section

     9 [ Root1 ]

    11 dir            = Root1

    12 database       = $dir\\index.txt         # index file.

    13 new_certs_dir  = $dir\\certs             # new certs dir

    15 certificate    = $dir\\certs\\ca.pem        # The CA cert

    16 serial         = $dir\\serial            # serial no file

    17 private_key    = $dir\\private\\ca.key.pem # CA private key

    18 RANDFILE       = $dir\\private\\.rand     # random number file

    20 default_days   = 365                    # how long to certify for

    21 default_crl_days= 30                    # how long before next CRL

    22 default_md     = md5                    # md to use

    24 policy         = ca_policy              # our policy

    25 email_in_dn    = no                     # Don't add the email into cert DN

    27 nameopt        = default_ca             # Subject name display option

    28 certopt        = default_ca             # Certificate display option

    29 copy_extensions = none                  # Don't copy extensions from request

    31 distinguished_name      = root_ca_distinguished_name

    34 [ Root2 ]

    36 dir            = Root2

    37 database       = $dir\\index.txt         # index file.

    38 new_certs_dir  = $dir\\certs             # new certs dir

    40 certificate    = $dir\\certs\\ca.pem        # The CA cert

    41 serial         = $dir\\serial            # serial no file

    42 private_key    = $dir\\private\\ca.key.pem # CA private key

    43 RANDFILE       = $dir\\private\\.rand     # random number file

    45 default_days   = 365                    # how long to certify for

    46 default_crl_days= 30                    # how long before next CRL

    47 default_md     = sha1                    # md to use

    49 policy         = ca_policy              # our policy

    50 email_in_dn    = no                     # Don't add the email into cert DN

    52 nameopt        = default_ca             # Subject name display option

    53 certopt        = default_ca             # Certificate display option

    54 copy_extensions = none                  # Don't copy extensions from request

    57 [ Root5]

    59 dir            = Root5

    60 database       = $dir\\index.txt         # index file.

    61 new_certs_dir  = $dir\\certs             # new certs dir

    63 certificate    = $dir\\certs\\ca.pem        # The CA cert

    64 serial         = $dir\\serial            # serial no file

    65 private_key    = $dir\\private\\ca.key.pem # CA private key

    66 RANDFILE       = $dir\\private\\.rand     # random number file

    68 default_days   = 365                    # how long to certify for

    69 default_crl_days= 30                    # how long before next CRL

    70 default_md     = md5                    # md to use

    72 policy         = ca_policy              # our policy

    73 email_in_dn    = no                     # Don't add the email into cert DN

    75 nameopt        = default_ca             # Subject name display option

    76 certopt        = default_ca             # Certificate display option

    77 copy_extensions = none                  # Don't copy extensions from request

    80 [ Root5-Mid ]

    81 dir            = Root5-Mid

    82 database       = $dir\\index.txt         # index file.

    83 new_certs_dir  = $dir\\certs             # new certs dir

    85 certificate    = $dir\\certs\\Mid-R5.pem        # The CA cert

    86 serial         = $dir\\serial            # serial no file

    87 private_key    = $dir\\private\\Mid-R5.key.pem # CA private key

    88 RANDFILE       = $dir\\private\\.rand     # random number file

    90 default_days   = 365                    # how long to certify for

    91 default_crl_days= 30                    # how long before next CRL

    92 default_md     = md5                    # md to use

    94 policy         = ca_policy              # our policy

    95 email_in_dn    = no                     # Don't add the email into cert DN

    97 nameopt        = default_ca             # Subject name display option

    98 certopt        = default_ca             # Certificate display option

    99 copy_extensions = none                  # Don't copy extensions from request

   103 [ Root3-OCSP ]

   105 dir            = Root3-OCSP

   106 database       = $dir\\index.txt         # index file.

   107 new_certs_dir  = $dir\\certs             # new certs dir

   109 certificate    = $dir\\certs\\ca.pem        # The CA cert

   110 serial         = $dir\\serial            # serial no file

   111 private_key    = $dir\\private\\ca.key.pem # CA private key

   112 RANDFILE       = $dir\\private\\.rand     # random number file

   114 default_days   = 365                    # how long to certify for

   115 default_crl_days= 30                    # how long before next CRL

   116 default_md     = md5                    # md to use

   118 policy         = ca_policy              # our policy

   119 email_in_dn    = no                     # Don't add the email into cert DN

   121 nameopt        = default_ca             # Subject name display option

   122 certopt        = default_ca             # Certificate display option

   123 copy_extensions = none                  # Don't copy extensions from request

   126 [ OCSPSigningRoot ]

   128 dir            = OCSPSigningRoot

   129 database       = $dir\\index.txt         # index file.

   130 new_certs_dir  = $dir\\certs             # new certs dir

   132 certificate    = $dir\\certs\\ca.pem        # The CA cert

   133 serial         = $dir\\serial            # serial no file

   134 private_key    = $dir\\private\\ca.key.pem # CA private key

   135 RANDFILE       = $dir\\private\\.rand     # random number file

   137 default_days   = 365                    # how long to certify for

   138 default_crl_days= 30                    # how long before next CRL

   139 default_md     = sha1                    # md to use

   141 policy         = ca_policy              # our policy

   142 email_in_dn    = no                     # Don't add the email into cert DN

   144 nameopt        = default_ca             # Subject name display option

   145 certopt        = default_ca             # Certificate display option

   146 copy_extensions = none                  # Don't copy extensions from request

   149 [ Root5_Root_Ext ]

   150 keyUsage=critical,keyCertSign

   151 basicConstraints=critical,CA:TRUE, pathlen:5

   152 subjectKeyIdentifier=hash

   154 [ Root5_Ext ]

   155 extendedKeyUsage=codeSigning

   156 certificatePolicies=1.2.826.0.1.1796587.1

   158 [ Root5_Mid ]

   159 keyUsage=critical,keyCertSign

   160 basicConstraints=critical,CA:TRUE, pathlen:5

   161 subjectKeyIdentifier=hash

   163 [ Root5_Mid_EE ]

   164 extendedKeyUsage=codeSigning

   165 certificatePolicies=1.2.826.0.1.1796587.1

   166 basicConstraints=critical,CA:FALSE

   169 [ NoOCSP_Ext ]

   170 1.3.6.1.5.5.7.48.1.5=DER:0500

   173 [ req ]

   174 distinguished_name      = root_ca_distinguished_name

   176 [ ca_policy ]

   178 organizationName       = supplied

   179 commonName             = supplied

   182 [ root_ca_distinguished_name ]

   183 	commonName              = Symbian Software Ltd

   184 	stateOrProvinceName     = London

   185 	countryName             = UK

   186 	emailAddress            = Jeremy.Smithers@Symbian.com

   187 	organizationName        = Symbian Software Ltd

author	sl@SLION-WIN7.fritz.box
	Fri, 15 Jun 2012 03:10:57 +0200
changeset 0	bde4ae8d615e
permissions	-rw-r--r--