OpenSSL configuration examples
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

rootreq.conf 1.7KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849
  1. # Request configuration for CA certificate
  2. #
  3. # Author: Jan Dittberner <jan@dittberner.info>
  4. # Date: 2015-02-03
  5. RANDFILE = $ENV::HOME/ca/.rnd
  6. [ req ]
  7. default_bits = 4096
  8. distinguished_name = req_distinguished_name
  9. x509_extensions = v3_ca_ext
  10. utf8 = yes
  11. default_md = sha256
  12. string_mask = utf8only
  13. [ req_distinguished_name ]
  14. countryName = Country Name (2 letter code)
  15. countryName_default = DE
  16. countryName_min = 2
  17. countryName_max = 2
  18. stateOrProvinceName = State or Province Name (full name)
  19. stateOrProvinceName_default = Saxony
  20. localityName = Locality Name (eg, city)
  21. localityName_default = Example Town
  22. 0.organizationName = Organization Name (eg, company)
  23. 0.organizationName_default = Example Organization
  24. organizationalUnitName = Organizational Unit Name (eg, section)
  25. organizationalUnitName_default = Example Lab
  26. commonName = Common Name (eg, YOUR name)
  27. commonName_max = 64
  28. commonName_default = Example Lab Root CA
  29. emailAddress = Email Address
  30. emailAddress_max = 64
  31. emailAddress_default = rootca@example.org
  32. [ v3_ca_ext ]
  33. basicConstraints = critical, CA:true, pathlen:1
  34. keyUsage = critical, keyCertSign,cRLSign
  35. nsComment = "Example Labs Root Certificate"
  36. # PKIX recommendations harmless if included in all certificates.
  37. subjectKeyIdentifier = hash
  38. authorityKeyIdentifier = keyid:always,issuer:always