X-Git-Url: https://v.licheni.net/stack/cam.git/blobdiff_plain/de74ecfb399e9c18e476104744856fde67ea2e81..112c04e3926d62291efd902a1dcb0b2d24feeb59:/cam/templates/openssl_config

diff --git a/cam/templates/openssl_config b/cam/templates/openssl_config
new file mode 100644
index 0000000..4583fca
--- /dev/null
+++ b/cam/templates/openssl_config
@@ -0,0 +1,77 @@
+RANDFILE = %(basedir)s/.random
+
+[ ca ]
+default_ca              = CA_default
+
+[ CA_default ]
+dir                     = %(basedir)s
+certs                   = $dir/public/certs
+crl_dir                 = $dir/public/crl
+crl                     = $dir/public/crl.pem
+crlnumber               = $dir/crlnumber
+database                = $dir/index
+serial                  = $dir/serial
+new_certs_dir           = $dir/newcerts
+certificate             = $dir/public/ca.pem
+private_key             = $dir/private/ca.key
+x509_extensions         = certificate_extensions
+email_in_dn             = no
+default_days            = %(default_days)s
+default_crl_days        = 31
+default_md              = sha1
+preserve                = yes
+policy                  = policy_match
+
+[ policy_match ]
+countryName             = supplied
+organizationName        = supplied
+organizationalUnitName  = optional
+commonName              = supplied
+emailAddress            = supplied
+
+[ policy_anything ]
+countryName             = optional
+organizationName        = optional
+organizationalUnitName  = optional
+commonName              = supplied
+emailAddress            = optional
+
+[ req ]
+default_bits            = %(bits)s
+default_md              = sha1
+distinguished_name      = req_distinguished_name
+attributes              = req_attributes
+x509_extensions         = v3_ca
+string_mask             = nombstr
+
+[ req_distinguished_name ]
+countryName                     = Country Name
+countryName_default             = "%(country)s"
+countryName_min                 = 2
+countryName_max                 = 2
+0.organizationName              = Organization Name
+0.organizationName_default      = "%(org)s"
+organizationalUnitName          = Organizational Unit Name
+organizationalUnitName_default  = "%(ou)s"
+commonName                      = Common Name
+commonName_max                  = 64
+commonName_default              = "%(cn)s"
+emailAddress                    = Email Address
+emailAddress_max                = 60
+emailAddress_default            = "%(email)s"
+SET-ex3                         = SET extension number 3
+
+[ req_attributes ]
+
+[ certificate_extensions ]
+
+[ v3_ca ]
+subjectKeyIdentifier    = hash
+authorityKeyIdentifier  = keyid:always,issuer:always
+basicConstraints        = critical, CA:true
+keyUsage                = cRLSign, keyCertSign
+nsCertType              = sslCA, emailCA, objCA
+nsComment               = "%(cn)s"
+subjectAltName          = email:copy
+issuerAltName           = issuer:copy
+