osslconfexamples/rootreq.conf

50 lines
1.7 KiB
Plaintext
Raw Permalink Normal View History

2011-05-03 21:01:18 +02:00
# Request configuration for CA certificate
#
# Author: Jan Dittberner <jan@dittberner.info>
# Date: 2015-02-03
2011-05-03 21:01:18 +02:00
2011-05-04 22:06:25 +02:00
RANDFILE = $ENV::HOME/ca/.rnd
2011-05-03 21:01:18 +02:00
[ req ]
default_bits = 4096
2011-05-04 22:06:25 +02:00
distinguished_name = req_distinguished_name
x509_extensions = v3_ca_ext
utf8 = yes
default_md = sha256
string_mask = utf8only
2011-05-03 21:01:18 +02:00
[ req_distinguished_name ]
2011-05-04 22:06:25 +02:00
countryName = Country Name (2 letter code)
countryName_default = DE
countryName_min = 2
countryName_max = 2
2011-05-03 21:01:18 +02:00
2011-05-04 22:06:25 +02:00
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Saxony
2011-05-03 21:01:18 +02:00
2011-05-04 22:06:25 +02:00
localityName = Locality Name (eg, city)
2011-05-03 21:01:18 +02:00
localityName_default = Example Town
2011-05-04 22:06:25 +02:00
0.organizationName = Organization Name (eg, company)
0.organizationName_default = Example Organization
2011-05-03 21:01:18 +02:00
2011-05-04 22:06:25 +02:00
organizationalUnitName = Organizational Unit Name (eg, section)
organizationalUnitName_default = Example Lab
2011-05-03 21:01:18 +02:00
2011-05-04 22:06:25 +02:00
commonName = Common Name (eg, YOUR name)
commonName_max = 64
2011-05-03 21:01:18 +02:00
commonName_default = Example Lab Root CA
2011-05-04 22:06:25 +02:00
emailAddress = Email Address
emailAddress_max = 64
2011-05-03 21:01:18 +02:00
emailAddress_default = rootca@example.org
[ v3_ca_ext ]
2011-05-04 22:06:25 +02:00
basicConstraints = critical, CA:true, pathlen:1
keyUsage = critical, keyCertSign,cRLSign
nsComment = "Example Labs Root Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always