From 2aab7772dc3e46d9cb212c8dfd2368d3b25cdbbc Mon Sep 17 00:00:00 2001 From: Jan Dittberner Date: Wed, 4 May 2011 22:09:49 +0200 Subject: [PATCH] add server request configuration --- servercsr.conf | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 servercsr.conf diff --git a/servercsr.conf b/servercsr.conf new file mode 100644 index 0000000..15464aa --- /dev/null +++ b/servercsr.conf @@ -0,0 +1,46 @@ +# Request configuration for server certificates +# +# Author: Jan Dittberner +# Date: 2011-05-04 + +RANDFILE = $ENV::HOME/ca/.rnd + +[ req ] +default_bits = 2048 +distinguished_name = req_distinguished_name +x509_extensions = v3_server_ext + +# This sets a mask for permitted string types. There are several options. +# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). +string_mask = nombstr + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = DE +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = Saxony + +localityName = Locality Name (eg, city) +localityName_default = Example Town + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = Example Organization + +organizationalUnitName = Organizational Unit Name (eg, section) +organizationalUnitName_default = Example Lab + +commonName = Common Name (eg, YOUR name) +commonName_max = 64 +commonName_default = server.example.org + +emailAddress = Email Address +emailAddress_max = 64 +emailAddress_default = server-admin@example.org + +[ v3_server_ext ] +basicConstraints = critical, CA:false +keyUsage = keyEncipherment,digitalSignature +extendedKeyUsage = serverAuth