You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

45 lines
1.2 KiB
Twig

distinguished_name = req_distinguished_name
[ca]
default_ca=ca_default
[req_distinguished_name]
[v3_req]
[v3_ca]
[ca_default]
crl_extensions=crl_ext
private_key=storage/ca/ca.key
certificate=storage/ca/ca.crt
new_certs_dir=storage/ca/certs/
database=storage/ca/database
default_md=sha256
policy=policy_only_commonname
serial=storage/ca/serial
crlnumber=storage/ca/crl_serial
default_crl_days=1
[policy_only_commonname]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[req]
x509_extensions = client_ext
[server_ext]
basicConstraints = CA:FALSE
subjectKeyIdentifier=hash
authorityKeyIdentifier = keyid,issuer:always
extendedKeyUsage = serverAuth
keyUsage = digitalSignature,keyEncipherment
crlDistributionPoints = URI:http://{{ host }}/crl
[client_ext]
subjectKeyIdentifier=hash
basicConstraints = CA:FALSE
crlDistributionPoints = URI:http://{{ host }}/crl
[ca_ext]
basicConstraints = CA:TRUE
subjectKeyIdentifier=hash
crlDistributionPoints = URI:http://{{ host }}/crl
[crl_ext]
authorityKeyIdentifier=keyid:always