Home | History | Annotate | Line # | Download | only in test 
      1 
      2 ####################################################################
      3 [ ca ]
      4 default_ca	= CA_default		# The default ca section
      5 
      6 ####################################################################
      7 [ CA_default ]
      8 
      9 dir		= ./demoCA		# Where everything is kept
     10 certs		= $dir/certs		# Where the issued certs are kept
     11 crl_dir		= $dir/crl		# Where the issued crl are kept
     12 database	= $dir/index.txt	# database index file.
     13 new_certs_dir	= $dir/new_certs	# default place for new certs.
     14 
     15 certificate	= $dir/CAcert.pem 	# The CA certificate
     16 serial		= $dir/serial 		# The current serial number
     17 crl		= $dir/crl.pem 		# The current CRL
     18 private_key	= $dir/private/CAkey.pem# The private key
     19 
     20 default_days	= 365			# how long to certify for
     21 default_crl_days= 30			# how long before next CRL
     22 default_md	= md5			# which md to use.
     23 
     24 # A few difference way of specifying how similar the request should look
     25 # For type CA, the listed attributes must be the same, and the optional
     26 # and supplied fields are just that :-)
     27 policy		= policy_match
     28 
     29 # For the CA policy
     30 [ policy_match ]
     31 countryName		= match
     32 stateOrProvinceName	= match
     33 organizationName	= match
     34 organizationalUnitName	= optional
     35 commonName		= supplied
     36 emailAddress		= optional
     37 
     38 # For the 'anything' policy
     39 # At this point in time, you must list all acceptable 'object'
     40 # types.
     41 [ policy_anything ]
     42 countryName		= optional
     43 stateOrProvinceName	= optional
     44 localityName		= optional
     45 organizationName	= optional
     46 organizationalUnitName	= optional
     47 commonName		= supplied
     48 emailAddress		= optional
     49 
     50 ####################################################################
     51 [ req ]
     52 distinguished_name	= req_distinguished_name
     53 
     54 # Make altreq be identical to req
     55 [ altreq ]
     56 distinguished_name	= req_distinguished_name
     57 encrypt_rsa_key		= no
     58 
     59 [ req_distinguished_name ]
     60 countryName			= C field
     61 countryName_value		= AU
     62 stateOrProvinceName		= SP field
     63 stateOrProvinceName_value	=
     64 localityName			= L field
     65 localityName_value		= Brisbane
     66 organizationName		= O field
     67 organizationName_value		= CryptSoft Pty Ltd
     68 organizationalUnitName		= OU field
     69 organizationalUnitName_value	= .
     70 commonName			= CN field
     71 commonName_value		= Eric Young
     72 emailAddress			= email field
     73 emailAddress_value		= eay (a] mincom.oz.au
     74 
     75 [ dirname_sec ]
     76 C  = UK
     77 O  = My Organization
     78 OU = My Unit
     79 CN = My Name
     80 
     81 [ reqexts ]
     82 keyUsage = critical,digitalSignature,keyEncipherment
     83