open-vault/test/ca/myca.conf

36 lines
837 B
Plaintext

[ ca ]
default_ca = myca
[ crl_ext ]
# issuerAltName=issuer:copy #this would copy the issuer name to altname
authorityKeyIdentifier=keyid:always
[ myca ]
new_certs_dir = /tmp
unique_subject = no
certificate = root.cer
database = certindex
private_key = privkey.pem
serial = serialfile
default_days = 365
default_md = sha1
policy = myca_policy
x509_extensions = myca_extensions
default_crl_days = 30
[ myca_policy ]
commonName = supplied
stateOrProvinceName = supplied
countryName = supplied
emailAddress = optional
organizationName = supplied
organizationalUnitName = optional
[ myca_extensions ]
basicConstraints = CA:false
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always
keyUsage = digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth,clientAuth
crlDistributionPoints = URI:http://path.to.crl/myca.crl