| ##================================================================ | |
| ##============== Example OpenSSL configuration file ============== | |
| ##================================================================ | |
| # References: | |
| # | |
| # /etc/ssl/openssl.conf | |
| # http://www.openssl.org/docs/apps/config.html | |
| # http://www.openssl.org/docs/apps/x509v3_config.html | |
| [ ca ] | |
| default_ca = my_ca | |
| [ my_ca ] | |
| certificate = test-ca.crt | |
| private_key = test-ca.key | |
| database = index | |
| serial = serial | |
| new_certs_dir = newcerts | |
| default_crl_days = 60 | |
| default_days = 730 | |
| default_md = sha1 | |
| policy = my_policy | |
| x509_extensions = v3_usr | |
| [ my_policy ] | |
| countryName = optional | |
| stateOrProvinceName = optional | |
| organizationName = match | |
| organizationalUnitName = optional | |
| commonName = supplied | |
| emailAddress = optional | |
| [ req ] | |
| distinguished_name = my_req_dn | |
| x509_extensions = v3_ca | |
| [ my_req_dn ] | |
| countryName = Country Name.............. | |
| countryName_min = 2 | |
| countryName_max = 2 | |
| stateOrProvinceName = State or Province Name.... | |
| localityName = Locality Name............. | |
| 0.organizationName = Organization Name......... | |
| organizationalUnitName = Org. Unit Name............ | |
| commonName = Common Name (required).... | |
| commonName_max = 64 | |
| emailAddress = Email Address............. | |
| emailAddress_max = 64 | |
| [ v3_ca ] | |
| basicConstraints = CA:TRUE | |
| subjectKeyIdentifier = hash | |
| authorityKeyIdentifier = keyid:always,issuer:always | |
| [ v3_usr ] | |
| basicConstraints = CA:FALSE | |
| subjectKeyIdentifier = hash | |
| authorityKeyIdentifier = keyid,issuer |