1 #################################################################### 2 [ req ] 3 default_bits = 2432 4 default_keyfile = cakey.pem 5 default_md = sha256 6 distinguished_name = req_DN 7 string_mask = utf8only 8 x509_extensions = v3_selfsign 9 10 [ req_DN ] 11 commonName = "Common Name" 12 commonName_value = "CA" 13 14 [ v3_selfsign ] 15 basicConstraints = critical,CA:true 16 keyUsage = keyCertSign 17 subjectKeyIdentifier=hash 18 19 #################################################################### 20 [ ca ] 21 default_ca = CA_default # The default ca section 22 23 #################################################################### 24 [ CA_default ] 25 26 dir = ./demoCA 27 certificate = ./demoCA/cacert.pem 28 serial = ./demoCA/serial 29 private_key = ./demoCA/private/cakey.pem 30 new_certs_dir = ./demoCA/newcerts 31 32 certificate = cacert.pem 33 private_key = cakey.pem 34 35 x509_extensions = v3_user 36 37 name_opt = ca_default # Subject Name options 38 cert_opt = ca_default # Certificate field options 39 40 policy = policy_anything 41 42 [ policy_anything ] 43 countryName = optional 44 stateOrProvinceName = optional 45 localityName = optional 46 organizationName = optional 47 organizationalUnitName = optional 48 commonName = supplied 49 emailAddress = optional 50 51 [ v3_user ] 52 basicConstraints=critical,CA:FALSE 53 subjectKeyIdentifier=hash 54 authorityKeyIdentifier=keyid,issuer 55 issuerAltName=issuer:copy 56 57
Indexes created Sat Feb 28 05:31:39 UTC 2026