2009-01-03 21:22:43 +00:00
|
|
|
##================================================================
|
|
|
|
##============== Example OpenSSL configuration file ==============
|
|
|
|
##================================================================
|
|
|
|
|
|
|
|
# References:
|
|
|
|
#
|
|
|
|
# /etc/ssl/openssl.conf
|
|
|
|
# http://www.openssl.org/docs/apps/config.html
|
|
|
|
# http://www.openssl.org/docs/apps/x509v3_config.html
|
|
|
|
|
|
|
|
[ ca ]
|
|
|
|
default_ca = my_ca
|
|
|
|
|
|
|
|
[ my_ca ]
|
|
|
|
certificate = test-ca.crt
|
|
|
|
private_key = test-ca.key
|
|
|
|
database = index
|
|
|
|
serial = serial
|
|
|
|
|
|
|
|
new_certs_dir = newcerts
|
2011-02-20 10:40:16 +00:00
|
|
|
default_crl_days = 5
|
|
|
|
default_days = 3653
|
2009-01-03 21:22:43 +00:00
|
|
|
default_md = sha1
|
|
|
|
policy = my_policy
|
|
|
|
x509_extensions = v3_usr
|
2012-02-11 16:09:32 +00:00
|
|
|
copy_extensions = copy
|
2009-01-03 21:22:43 +00:00
|
|
|
|
|
|
|
[ my_policy ]
|
2009-02-09 21:06:41 +00:00
|
|
|
countryName = supplied
|
2009-01-03 21:22:43 +00:00
|
|
|
organizationName = match
|
|
|
|
commonName = supplied
|
|
|
|
|
|
|
|
[ req ]
|
|
|
|
distinguished_name = my_req_dn
|
|
|
|
x509_extensions = v3_ca
|
2012-02-11 16:09:32 +00:00
|
|
|
prompt = no
|
2009-01-03 21:22:43 +00:00
|
|
|
|
|
|
|
[ v3_ca ]
|
|
|
|
basicConstraints = CA:TRUE
|
|
|
|
subjectKeyIdentifier = hash
|
|
|
|
authorityKeyIdentifier = keyid:always,issuer:always
|
|
|
|
|
|
|
|
[ v3_usr ]
|
|
|
|
basicConstraints = CA:FALSE
|
|
|
|
subjectKeyIdentifier = hash
|
|
|
|
authorityKeyIdentifier = keyid,issuer
|
2009-01-15 20:46:08 +00:00
|
|
|
|
2009-02-09 21:06:41 +00:00
|
|
|
[ my_req_dn ]
|
|
|
|
C=NL
|
|
|
|
O=PolarSSL
|