# | |
# Beginning of file ca.config | |
[ ca ] | |
default_ca = CA_own | |
[ CA_own ] | |
dir = . | |
certs = $dir | |
new_certs_dir = $dir/ca.db.certs | |
database = $dir/ca.db.index | |
serial = $dir/ca.db.serial | |
RANDFILE = $dir/ca.db.rand | |
certificate = $dir/CA.pem | |
private_key = $dir/CAKey.pem | |
default_days = 365 | |
default_crl_days = 30 | |
default_md = md5 | |
preserve = no | |
x509_extensions = usr_cert | |
policy = policy_match | |
# | |
[ usr_cert ] | |
basicConstraints = CA:FALSE | |
nsComment = "OpenSSL Generated Certificate" | |
subjectKeyIdentifier = hash | |
authorityKeyIdentifier = keyid,issuer:always | |
[ req ] | |
default_bits = 1024 | |
distinguished_name = req_distinguished_name | |
x509_extensions = v3_ca | |
policy = policy_anything | |
[ v3_req ] | |
basicConstraints = CA:FALSE | |
keyUsage = nonRepudiation, digitalSignature, keyEncipherment | |
[ v3_ca ] | |
subjectKeyIdentifier = hash | |
authorityKeyIdentifier = keyid:always,issuer:always | |
basicConstraints = CA:true | |
# | |
# For the CA policy | |
# | |
[ policy_match ] | |
countryName = match | |
stateOrProvinceName = match | |
organizationName = match | |
organizationalUnitName = optional | |
commonName = supplied | |
emailAddress = optional | |
# | |
[ policy_anything ] | |
countryName = optional | |
stateOrProvinceName = optional | |
localityName = optional | |
organizationName = optional | |
organizationalUnitName = optional | |
commonName = supplied | |
emailAddress = optional | |
# | |
[ req_distinguished_name ] | |
countryName = Country Name (2 letter code) | |
countryName_default = DE | |
CountryName_min = 2 | |
CountryName_max = 2 | |
stateOrProvinceName = State or Province Name (full name) | |
stateOrProvinceName_default = Bayern | |
localityName = Locality Name (e.g., city) | |
localityName_default = Munich | |
0.organizationName = Organization Name (e.g., company) | |
0.organizationName_default = Home | |
organizationalUnitName = Organizational Unit Name (e.g., section) | |
organizationalUnitName_default = Apache WSS4J | |
commonName = Common Name (e.g., your name or server name) | |
commonName_max = 64 | |
commonName_default = Werner | |
# end of file ca.config |