add configuration for client certificate requests

This commit is contained in:
Jan Dittberner 2011-05-04 21:58:03 +02:00
parent 149022f312
commit f1242ada05

46
clientcsr.conf Normal file
View file

@ -0,0 +1,46 @@
# Request configuration for CA certificate
#
# Author: Jan Dittberner <jan@dittberner.info>
# Date: 2011-05-04
RANDFILE = $ENV::HOME/ca/.rnd
[ req ]
default_bits = 2048
distinguished_name = req_distinguished_name
x509_extensions = v3_client_ext
# This sets a mask for permitted string types. There are several options.
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
string_mask = nombstr
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = DE
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Saxony
localityName = Locality Name (eg, city)
localityName_default = Example Town
0.organizationName = Organization Name (eg, company)
0.organizationName_default = Example Organization
organizationalUnitName = Organizational Unit Name (eg, section)
organizationalUnitName_default = Example Lab
commonName = Common Name (eg, YOUR name)
commonName_max = 64
commonName_default = Example Lab Client
emailAddress = Email Address
emailAddress_max = 64
emailAddress_default = client@example.org
[ v3_client_ext ]
basicConstraints = critical, CA:false
keyUsage = keyEncipherment,digitalSignature
extendedKeyUsage = clientAuth