blob: f468f1f25cfa3778b6c0832e53258bf71977348f [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +00001##================================================================
2##============== Example OpenSSL configuration file ==============
3##================================================================
4
5# References:
6#
7# /etc/ssl/openssl.conf
8# http://www.openssl.org/docs/apps/config.html
9# http://www.openssl.org/docs/apps/x509v3_config.html
10
11[ ca ]
12default_ca = my_ca
13
14[ my_ca ]
15certificate = test-ca.crt
16private_key = test-ca.key
17database = index
18serial = serial
19
20new_certs_dir = newcerts
21default_crl_days = 60
22default_days = 730
23default_md = sha1
24policy = my_policy
25x509_extensions = v3_usr
26
27[ my_policy ]
28countryName = optional
29stateOrProvinceName = optional
30organizationName = match
31organizationalUnitName = optional
32commonName = supplied
33emailAddress = optional
34
35[ req ]
36distinguished_name = my_req_dn
37x509_extensions = v3_ca
38
39[ my_req_dn ]
40countryName = Country Name..............
41countryName_min = 2
42countryName_max = 2
43stateOrProvinceName = State or Province Name....
44localityName = Locality Name.............
450.organizationName = Organization Name.........
46organizationalUnitName = Org. Unit Name............
47commonName = Common Name (required)....
48commonName_max = 64
49emailAddress = Email Address.............
50emailAddress_max = 64
51
52[ v3_ca ]
53basicConstraints = CA:TRUE
54subjectKeyIdentifier = hash
55authorityKeyIdentifier = keyid:always,issuer:always
56
57[ v3_usr ]
58basicConstraints = CA:FALSE
59subjectKeyIdentifier = hash
60authorityKeyIdentifier = keyid,issuer