1 1.1 christos # 2 1.1 christos # OpenSSL configuration file to create apps directory certificates 3 1.1 christos # 4 1.1 christos 5 1.1 christos # This definition stops the following lines choking if HOME or CN 6 1.1 christos # is undefined. 7 1.1 christos HOME = . 8 1.1 christos CN = "Not Defined" 9 1.1 christos 10 1.1.1.2 christos # Comment out the next line to ignore configuration errors 11 1.1.1.2 christos config_diagnostics = 1 12 1.1.1.2 christos 13 1.1.1.2 christos 14 1.1 christos #################################################################### 15 1.1 christos [ req ] 16 1.1 christos default_bits = 2048 17 1.1 christos default_keyfile = privkey.pem 18 1.1 christos # Don't prompt for fields: use those in section directly 19 1.1 christos prompt = no 20 1.1 christos distinguished_name = req_distinguished_name 21 1.1 christos x509_extensions = v3_ca # The extensions to add to the self signed cert 22 1.1 christos string_mask = utf8only 23 1.1 christos 24 1.1 christos # req_extensions = v3_req # The extensions to add to a certificate request 25 1.1 christos 26 1.1 christos [ req_distinguished_name ] 27 1.1 christos countryName = UK 28 1.1 christos 29 1.1 christos organizationName = OpenSSL Group 30 1.1 christos organizationalUnitName = FOR TESTING PURPOSES ONLY 31 1.1 christos # Take CN from environment so it can come from a script. 32 1.1 christos commonName = $ENV::CN 33 1.1 christos 34 1.1 christos [ usr_cert ] 35 1.1 christos 36 1.1 christos # These extensions are added when 'ca' signs a request for an end entity 37 1.1 christos # certificate 38 1.1 christos 39 1.1 christos basicConstraints=critical, CA:FALSE 40 1.1 christos keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment 41 1.1 christos 42 1.1 christos [ ec_cert ] 43 1.1 christos 44 1.1 christos # These extensions are added when 'ca' signs a request for an end entity 45 1.1 christos # certificate 46 1.1 christos 47 1.1 christos basicConstraints=critical, CA:FALSE 48 1.1 christos keyUsage=critical, nonRepudiation, digitalSignature, keyAgreement 49 1.1 christos 50 1.1 christos # PKIX recommendations harmless if included in all certificates. 51 1.1 christos subjectKeyIdentifier=hash 52 1.1 christos authorityKeyIdentifier=keyid 53 1.1 christos 54 1.1 christos [ v3_ca ] 55 1.1 christos 56 1.1 christos 57 1.1 christos # Extensions for a typical CA 58 1.1 christos 59 1.1 christos # PKIX recommendation. 60 1.1 christos 61 1.1 christos subjectKeyIdentifier=hash 62 1.1 christos authorityKeyIdentifier=keyid:always 63 1.1 christos basicConstraints = critical,CA:true 64 1.1 christos keyUsage = critical, cRLSign, keyCertSign 65 1.1 christos 66 1.1 christos 67
Indexes created Sat Feb 28 05:31:39 UTC 2026