forked from zer.ooo/web
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
45 lines
1.2 KiB
Plaintext
45 lines
1.2 KiB
Plaintext
9 years ago
|
distinguished_name = req_distinguished_name
|
||
|
|
[ca]
|
||
|
|
default_ca=ca_default
|
||
|
|
[req_distinguished_name]
|
||
|
|
[v3_req]
|
||
|
|
[v3_ca]
|
||
|
|
[ca_default]
|
||
|
|
crl_extensions=crl_ext
|
||
|
9 years ago
|
private_key=storage/ca/ca.key
|
||
|
|
certificate=storage/ca/ca.crt
|
||
|
|
new_certs_dir=storage/ca/certs/
|
||
|
|
database=storage/ca/database
|
||
|
9 years ago
|
default_md=sha256
|
||
|
|
policy=policy_only_commonname
|
||
|
9 years ago
|
serial=storage/ca/serial
|
||
|
|
crlnumber=storage/ca/crl_serial
|
||
|
9 years ago
|
default_crl_days=1
|
||
|
|
[policy_only_commonname]
|
||
|
|
countryName = optional
|
||
|
|
stateOrProvinceName = optional
|
||
|
|
localityName = optional
|
||
|
|
organizationName = optional
|
||
|
|
organizationalUnitName = optional
|
||
|
|
commonName = supplied
|
||
|
|
emailAddress = optional
|
||
|
|
[req]
|
||
|
|
x509_extensions = client_ext
|
||
|
|
[server_ext]
|
||
|
|
basicConstraints = CA:FALSE
|
||
|
|
subjectKeyIdentifier=hash
|
||
|
|
authorityKeyIdentifier = keyid,issuer:always
|
||
|
|
extendedKeyUsage = serverAuth
|
||
|
|
keyUsage = digitalSignature,keyEncipherment
|
||
|
9 years ago
|
crlDistributionPoints = URI:http://{{ host }}/crl
|
||
|
9 years ago
|
[client_ext]
|
||
|
|
subjectKeyIdentifier=hash
|
||
|
|
basicConstraints = CA:FALSE
|
||
|
9 years ago
|
crlDistributionPoints = URI:http://{{ host }}/crl
|
||
|
9 years ago
|
[ca_ext]
|
||
|
|
basicConstraints = CA:TRUE
|
||
|
|
subjectKeyIdentifier=hash
|
||
|
9 years ago
|
crlDistributionPoints = URI:http://{{ host }}/crl
|
||
|
9 years ago
|
[crl_ext]
|
||
|
|
authorityKeyIdentifier=keyid:always
|