blob: 39eba573a4f91dc7ae9ca31097dd9dacc83e336c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
[ ca ]
default_ca = CA_default
[ CA_default ]
dir = ./
certs = $dir/certs
crl_dir = $dir/crl
database = $dir/index.txt
new_certs_dir = $dir/newcerts
certificate = $dir/ca.pem
serial = $dir/serial
crl = $dir/crl.pem
private_key = $dir/ca-key.pem
x509_extensions = usr_cert
name_opt = ca_default
cert_opt = ca_default
default_days = 36500
default_md = sha256
# How long before next CRL, default is 1 but for testing we need no expire, so 100 years is fine.
default_crl_days = 36500
preserve = no
policy = policy_match
[ policy_match ]
countryName = supplied
stateOrProvinceName = supplied
organizationName = supplied
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ usr_cert ]
basicConstraints=CA:FALSE
nsComment="OpenSSL Generated Certificate"
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer
|