upgrade to CAM v2.0
diff --git a/cam/templates/openssl_config b/cam/templates/openssl_config
new file mode 100644 (file)
index 0000000..4583fca
--- /dev/null
@@ -0,0 +1,77 @@
+RANDFILE = %(basedir)s/.random
+
+[ ca ]
+default_ca              = CA_default
+
+[ CA_default ]
+dir                     = %(basedir)s
+certs                   = $dir/public/certs
+crl_dir                 = $dir/public/crl
+crl                     = $dir/public/crl.pem
+crlnumber               = $dir/crlnumber
+database                = $dir/index
+serial                  = $dir/serial
+new_certs_dir           = $dir/newcerts
+certificate             = $dir/public/ca.pem
+private_key             = $dir/private/ca.key
+x509_extensions         = certificate_extensions
+email_in_dn             = no
+default_days            = %(default_days)s
+default_crl_days        = 31
+default_md              = sha1
+preserve                = yes
+policy                  = policy_match
+
+[ policy_match ]
+countryName             = supplied
+organizationName        = supplied
+organizationalUnitName  = optional
+commonName              = supplied
+emailAddress            = supplied
+
+[ policy_anything ]
+countryName             = optional
+organizationName        = optional
+organizationalUnitName  = optional
+commonName              = supplied
+emailAddress            = optional
+
+[ req ]
+default_bits            = %(bits)s
+default_md              = sha1
+distinguished_name      = req_distinguished_name
+attributes              = req_attributes
+x509_extensions         = v3_ca
+string_mask             = nombstr
+
+[ req_distinguished_name ]
+countryName                     = Country Name
+countryName_default             = "%(country)s"
+countryName_min                 = 2
+countryName_max                 = 2
+0.organizationName              = Organization Name
+0.organizationName_default      = "%(org)s"
+organizationalUnitName          = Organizational Unit Name
+organizationalUnitName_default  = "%(ou)s"
+commonName                      = Common Name
+commonName_max                  = 64
+commonName_default              = "%(cn)s"
+emailAddress                    = Email Address
+emailAddress_max                = 60
+emailAddress_default            = "%(email)s"
+SET-ex3                         = SET extension number 3
+
+[ req_attributes ]
+
+[ certificate_extensions ]
+
+[ v3_ca ]
+subjectKeyIdentifier    = hash
+authorityKeyIdentifier  = keyid:always,issuer:always
+basicConstraints        = critical, CA:true
+keyUsage                = cRLSign, keyCertSign
+nsCertType              = sslCA, emailCA, objCA
+nsComment               = "%(cn)s"
+subjectAltName          = email:copy
+issuerAltName           = issuer:copy
+
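Review bot: `default_md = sha1` appears in both `[ CA_default ]` and `[ req ]`, so every certificate, CRL and request produced from this template is SHA-1-signed. SHA-1 no longer offers collision resistance and many current TLS clients refuse such signatures, so both lines should read `default_md = sha256`. The `[ certificate_extensions ]` section that `x509_extensions` points to in `[ CA_default ]` is empty, so issued certificates carry no basicConstraints or keyUsage; adding `basicConstraints = critical, CA:false` there would make their non-CA status explicit. The `%(cn)s`, `%(org)s` and similar fields are substituted inside quoted values, so the code that fills the template (not visible here) presumably needs to reject `"`, `$` and newlines in them.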