sl@0: # openssl.config sl@0: # sl@0: # Config file for OpenSSL CA sl@0: sl@0: [ ca ] sl@0: sl@0: default_ca = ca_default # The default ca section sl@0: sl@0: [ Root1 ] sl@0: sl@0: dir = Root1 sl@0: database = $dir\\index.txt # index file. sl@0: new_certs_dir = $dir\\certs # new certs dir sl@0: sl@0: certificate = $dir\\certs\\ca.pem # The CA cert sl@0: serial = $dir\\serial # serial no file sl@0: private_key = $dir\\private\\ca.key.pem # CA private key sl@0: RANDFILE = $dir\\private\\.rand # random number file sl@0: sl@0: default_days = 365 # how long to certify for sl@0: default_crl_days= 30 # how long before next CRL sl@0: default_md = md5 # md to use sl@0: sl@0: policy = ca_policy # our policy sl@0: email_in_dn = no # Don't add the email into cert DN sl@0: sl@0: nameopt = default_ca # Subject name display option sl@0: certopt = default_ca # Certificate display option sl@0: copy_extensions = none # Don't copy extensions from request sl@0: sl@0: distinguished_name = root_ca_distinguished_name sl@0: sl@0: sl@0: [ Root2 ] sl@0: sl@0: dir = Root2 sl@0: database = $dir\\index.txt # index file. sl@0: new_certs_dir = $dir\\certs # new certs dir sl@0: sl@0: certificate = $dir\\certs\\ca.pem # The CA cert sl@0: serial = $dir\\serial # serial no file sl@0: private_key = $dir\\private\\ca.key.pem # CA private key sl@0: RANDFILE = $dir\\private\\.rand # random number file sl@0: sl@0: default_days = 365 # how long to certify for sl@0: default_crl_days= 30 # how long before next CRL sl@0: default_md = sha1 # md to use sl@0: sl@0: policy = ca_policy # our policy sl@0: email_in_dn = no # Don't add the email into cert DN sl@0: sl@0: nameopt = default_ca # Subject name display option sl@0: certopt = default_ca # Certificate display option sl@0: copy_extensions = none # Don't copy extensions from request sl@0: sl@0: sl@0: [ Root5] sl@0: sl@0: dir = Root5 sl@0: database = $dir\\index.txt # index file. sl@0: new_certs_dir = $dir\\certs # new certs dir sl@0: sl@0: certificate = $dir\\certs\\ca.pem # The CA cert sl@0: serial = $dir\\serial # serial no file sl@0: private_key = $dir\\private\\ca.key.pem # CA private key sl@0: RANDFILE = $dir\\private\\.rand # random number file sl@0: sl@0: default_days = 365 # how long to certify for sl@0: default_crl_days= 30 # how long before next CRL sl@0: default_md = md5 # md to use sl@0: sl@0: policy = ca_policy # our policy sl@0: email_in_dn = no # Don't add the email into cert DN sl@0: sl@0: nameopt = default_ca # Subject name display option sl@0: certopt = default_ca # Certificate display option sl@0: copy_extensions = none # Don't copy extensions from request sl@0: sl@0: sl@0: [ Root5-Mid ] sl@0: dir = Root5-Mid sl@0: database = $dir\\index.txt # index file. sl@0: new_certs_dir = $dir\\certs # new certs dir sl@0: sl@0: certificate = $dir\\certs\\Mid-R5.pem # The CA cert sl@0: serial = $dir\\serial # serial no file sl@0: private_key = $dir\\private\\Mid-R5.key.pem # CA private key sl@0: RANDFILE = $dir\\private\\.rand # random number file sl@0: sl@0: default_days = 365 # how long to certify for sl@0: default_crl_days= 30 # how long before next CRL sl@0: default_md = md5 # md to use sl@0: sl@0: policy = ca_policy # our policy sl@0: email_in_dn = no # Don't add the email into cert DN sl@0: sl@0: nameopt = default_ca # Subject name display option sl@0: certopt = default_ca # Certificate display option sl@0: copy_extensions = none # Don't copy extensions from request sl@0: sl@0: sl@0: sl@0: [ Root3-OCSP ] sl@0: sl@0: dir = Root3-OCSP sl@0: database = $dir\\index.txt # index file. sl@0: new_certs_dir = $dir\\certs # new certs dir sl@0: sl@0: certificate = $dir\\certs\\ca.pem # The CA cert sl@0: serial = $dir\\serial # serial no file sl@0: private_key = $dir\\private\\ca.key.pem # CA private key sl@0: RANDFILE = $dir\\private\\.rand # random number file sl@0: sl@0: default_days = 365 # how long to certify for sl@0: default_crl_days= 30 # how long before next CRL sl@0: default_md = md5 # md to use sl@0: sl@0: policy = ca_policy # our policy sl@0: email_in_dn = no # Don't add the email into cert DN sl@0: sl@0: nameopt = default_ca # Subject name display option sl@0: certopt = default_ca # Certificate display option sl@0: copy_extensions = none # Don't copy extensions from request sl@0: sl@0: sl@0: [ OCSPSigningRoot ] sl@0: sl@0: dir = OCSPSigningRoot sl@0: database = $dir\\index.txt # index file. sl@0: new_certs_dir = $dir\\certs # new certs dir sl@0: sl@0: certificate = $dir\\certs\\ca.pem # The CA cert sl@0: serial = $dir\\serial # serial no file sl@0: private_key = $dir\\private\\ca.key.pem # CA private key sl@0: RANDFILE = $dir\\private\\.rand # random number file sl@0: sl@0: default_days = 365 # how long to certify for sl@0: default_crl_days= 30 # how long before next CRL sl@0: default_md = sha1 # md to use sl@0: sl@0: policy = ca_policy # our policy sl@0: email_in_dn = no # Don't add the email into cert DN sl@0: sl@0: nameopt = default_ca # Subject name display option sl@0: certopt = default_ca # Certificate display option sl@0: copy_extensions = none # Don't copy extensions from request sl@0: sl@0: sl@0: [ Root5_Root_Ext ] sl@0: keyUsage=critical,keyCertSign sl@0: basicConstraints=critical,CA:TRUE, pathlen:5 sl@0: subjectKeyIdentifier=hash sl@0: sl@0: [ Root5_Ext ] sl@0: extendedKeyUsage=codeSigning sl@0: certificatePolicies=1.2.826.0.1.1796587.1 sl@0: sl@0: [ Root5_Mid ] sl@0: keyUsage=critical,keyCertSign sl@0: basicConstraints=critical,CA:TRUE, pathlen:5 sl@0: subjectKeyIdentifier=hash sl@0: sl@0: [ Root5_Mid_EE ] sl@0: extendedKeyUsage=codeSigning sl@0: certificatePolicies=1.2.826.0.1.1796587.1 sl@0: basicConstraints=critical,CA:FALSE sl@0: sl@0: sl@0: [ NoOCSP_Ext ] sl@0: 1.3.6.1.5.5.7.48.1.5=DER:0500 sl@0: sl@0: sl@0: [ req ] sl@0: distinguished_name = root_ca_distinguished_name sl@0: sl@0: [ ca_policy ] sl@0: sl@0: organizationName = supplied sl@0: commonName = supplied sl@0: sl@0: sl@0: [ root_ca_distinguished_name ] sl@0: commonName = Symbian Software Ltd sl@0: stateOrProvinceName = London sl@0: countryName = UK sl@0: emailAddress = Jeremy.Smithers@Symbian.com sl@0: organizationName = Symbian Software Ltd