2015-04-23 21:29:34 +00:00
|
|
|
[ ca ]
|
|
|
|
default_ca = myca
|
|
|
|
|
|
|
|
[ crl_ext ]
|
|
|
|
# issuerAltName=issuer:copy #this would copy the issuer name to altname
|
|
|
|
authorityKeyIdentifier=keyid:always
|
|
|
|
|
|
|
|
[ myca ]
|
|
|
|
new_certs_dir = /tmp
|
|
|
|
unique_subject = no
|
|
|
|
certificate = root.cer
|
|
|
|
database = certindex
|
|
|
|
private_key = privkey.pem
|
|
|
|
serial = serialfile
|
|
|
|
default_days = 365
|
|
|
|
default_md = sha1
|
|
|
|
policy = myca_policy
|
|
|
|
x509_extensions = myca_extensions
|
2015-10-15 17:04:54 +00:00
|
|
|
default_crl_days = 30
|
2015-04-23 21:29:34 +00:00
|
|
|
|
|
|
|
[ myca_policy ]
|
|
|
|
commonName = supplied
|
|
|
|
stateOrProvinceName = supplied
|
|
|
|
countryName = supplied
|
|
|
|
emailAddress = optional
|
|
|
|
organizationName = supplied
|
|
|
|
organizationalUnitName = optional
|
|
|
|
|
|
|
|
[ myca_extensions ]
|
|
|
|
basicConstraints = CA:false
|
|
|
|
subjectKeyIdentifier = hash
|
|
|
|
authorityKeyIdentifier = keyid:always
|
|
|
|
keyUsage = digitalSignature,keyEncipherment
|
|
|
|
extendedKeyUsage = serverAuth,clientAuth
|
|
|
|
crlDistributionPoints = URI:http://path.to.crl/myca.crl
|