diff options
Diffstat (limited to 'tests/certs/rootca.conf')
-rw-r--r-- | tests/certs/rootca.conf | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/tests/certs/rootca.conf b/tests/certs/rootca.conf new file mode 100644 index 0000000..7b2585a --- /dev/null +++ b/tests/certs/rootca.conf @@ -0,0 +1,64 @@ +[ ca ] +default_ca = myca + +[ crl_ext ] +issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always + + [ myca ] + dir = /home/twoflower/Projects/wget/tests/certs + new_certs_dir = ./ + unique_subject = no + certificate = $dir/test-ca-cert.pem + database = certindex + private_key = $dir/test-ca-key.pem + serial = certserial + default_days = 730 + default_md = sha1 + policy = myca_policy + x509_extensions = myca_extensions + crlnumber = crlnumber + default_crl_days = 730 + + [ myca_policy ] + commonName = supplied + stateOrProvinceName = supplied + countryName = optional + emailAddress = optional + organizationName = supplied + organizationalUnitName = optional + + [ myca_extensions ] + basicConstraints = critical,CA:TRUE + keyUsage = critical,any + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid:always,issuer + keyUsage = digitalSignature,keyEncipherment,cRLSign,keyCertSign + extendedKeyUsage = serverAuth + crlDistributionPoints = @crl_section + subjectAltName = @alt_names + authorityInfoAccess = @ocsp_section + + [ v3_ca ] + basicConstraints = critical,CA:TRUE,pathlen:0 + keyUsage = critical,any + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid:always,issuer + keyUsage = digitalSignature,keyEncipherment,cRLSign,keyCertSign + extendedKeyUsage = serverAuth + crlDistributionPoints = @crl_section + subjectAltName = @alt_names + authorityInfoAccess = @ocsp_section + + [alt_names] + DNS.0 = WgetTestingServer + + [crl_section] + URI.0 = http://test.wgettest.org/Bogus.crl + URI.1 = http://test.wgettest.org/Bogus.crl + + [ocsp_section] + caIssuers;URI.0 = http://test.wgettest.com/Bogus.crt + caIssuers;URI.1 = http://test.wgettest.com/Bogus.crt + OCSP;URI.0 = http://test.wgettest.com/ocsp/ + OCSP;URI.1 = http://test.wgettest.com/ocsp/ |