MercurialSymaptic / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | raw | help
os/ossrv/ssl/tsrc/topenssl/data/CAss.cnf
author sl
Tue, 10 Jun 2014 14:32:02 +0200
changeset 1 260cb5ec6c19
permissions -rw-r--r--
Update contrib. 
     1 #

     2 # SSLeay example configuration file.

     3 # This is mostly being used for generation of certificate requests.

     4 #

     5 

     6 RANDFILE		= ./.rnd

     7 

     8 ####################################################################

     9 [ req ]

    10 default_bits		= 512

    11 default_keyfile 	= keySS.pem

    12 distinguished_name	= req_distinguished_name

    13 encrypt_rsa_key		= no

    14 default_md		= sha1

    15 

    16 [ req_distinguished_name ]

    17 countryName			= Country Name (2 letter code)

    18 countryName_default		= AU

    19 countryName_value		= AU

    20 

    21 organizationName		= Organization Name (eg, company)

    22 organizationName_value		= Dodgy Brothers

    23 

    24 commonName			= Common Name (eg, YOUR name)

    25 commonName_value		= Dodgy CA

    26 

    27 ####################################################################

    28 [ ca ]

    29 default_ca	= CA_default		# The default ca section

    30 

    31 ####################################################################

    32 [ CA_default ]

    33 

    34 dir		= ./demoCA		# Where everything is kept

    35 certs		= $dir/certs		# Where the issued certs are kept

    36 crl_dir		= $dir/crl		# Where the issued crl are kept

    37 database	= $dir/index.txt	# database index file.

    38 #unique_subject	= no			# Set to 'no' to allow creation of

    39 					# several ctificates with same subject.

    40 new_certs_dir	= $dir/newcerts		# default place for new certs.

    41 

    42 certificate	= $dir/cacert.pem 	# The CA certificate

    43 serial		= $dir/serial 		# The current serial number

    44 crl		= $dir/crl.pem 		# The current CRL

    45 private_key	= $dir/private/cakey.pem# The private key

    46 RANDFILE	= $dir/private/.rand	# private random number file

    47 

    48 x509_extensions	= v3_ca			# The extentions to add to the cert

    49 

    50 name_opt 	= ca_default		# Subject Name options

    51 cert_opt 	= ca_default		# Certificate field options

    52 

    53 default_days	= 365			# how long to certify for

    54 default_crl_days= 30			# how long before next CRL

    55 default_md	= md5			# which md to use.

    56 preserve	= no			# keep passed DN ordering

    57 

    58 policy		= policy_anything

    59 

    60 [ policy_anything ]

    61 countryName		= optional

    62 stateOrProvinceName	= optional

    63 localityName		= optional

    64 organizationName	= optional

    65 organizationalUnitName	= optional

    66 commonName		= supplied

    67 emailAddress		= optional

    68 

    69 

    70 

    71 [ v3_ca ]

    72 subjectKeyIdentifier=hash

    73 authorityKeyIdentifier=keyid:always,issuer:always

    74 basicConstraints = CA:true,pathlen:1

    75 keyUsage = cRLSign, keyCertSign

    76 issuerAltName=issuer:copy
Symaptic