# Request configuration for client certificates # # Author: Jan Dittberner # Date: 2015-02-03 RANDFILE = $ENV::HOME/ca/.rnd [ req ] default_bits = 2048 distinguished_name = req_distinguished_name req_extensions = v3_client_ext utf8 = yes default_md = sha256 string_mask = utf8only [ req_distinguished_name ] countryName = Country Name (2 letter code) countryName_default = DE countryName_min = 2 countryName_max = 2 stateOrProvinceName = State or Province Name (full name) stateOrProvinceName_default = Saxony localityName = Locality Name (eg, city) localityName_default = Example Town 0.organizationName = Organization Name (eg, company) 0.organizationName_default = Example Organization organizationalUnitName = Organizational Unit Name (eg, section) organizationalUnitName_default = Example Lab commonName = Common Name (eg, YOUR name) commonName_max = 64 commonName_default = Example Lab Client emailAddress = Email Address emailAddress_max = 64 emailAddress_default = client@example.org [ v3_client_ext ] basicConstraints = critical, CA:false keyUsage = keyEncipherment,digitalSignature extendedKeyUsage = clientAuth