|
|
| Line 1: |
Line 1: |
| <pre>
| |
| [ca]
| |
| default_ca = issuer
| |
|
| |
|
| [issuer]
| |
| private_key = /home/pjones/db/ca.key
| |
| certificate = /home/pjones/db/ca.crt
| |
| database = /home/pjones/db/ca.db
| |
| serial = /home/pjones/db/ca.srl
| |
| default_md = SHA256
| |
| new_certs_dir = /tmp/tmp.Ee0O9HNoGJ
| |
| policy = no_policy
| |
|
| |
| [no_policy]
| |
|
| |
| [req_oids]
| |
| domainComponent = 0.9.2342.19200300.100.1.25
| |
|
| |
| [req_ca]
| |
| prompt = no
| |
| oid_section = req_oids
| |
| distinguished_name = req_ca_name
| |
| default_md = SHA256
| |
| subjectKeyIdentifier=hash
| |
|
| |
| [req_ca_name]
| |
| C=US
| |
| #stateOrProvinceName=SomeState
| |
| localityName=SomeCity
| |
| O=SomeOrg
| |
| #commonName = Test Certifying CA
| |
|
| |
| [v3_ca]
| |
| subjectKeyIdentifier=hash
| |
| authorityKeyIdentifier=keyid:always
| |
| #authorityKeyIdentifier=keyid:always,issuer:always
| |
| keyUsage=nonRepudiation,digitalSignature,keyEncipherment,dataEncipherment,keyAgreement,keyCertSign,cRLSign
| |
| basicConstraints=critical,CA:TRUE
| |
| nsComment="Testing CA Certificate"
| |
|
| |
| [req_ocsp]
| |
| prompt = no
| |
| oid_section = req_oids
| |
| distinguished_name = req_ocsp_name
| |
| default_md = SHA256
| |
|
| |
| [req_ocsp_name]
| |
| C=US
| |
| #stateOrProvinceName=SomeState
| |
| localityName=SomeOrg
| |
| O=SomeOrg
| |
| #commonName = OCSP Signer for Test Certifying CA
| |
|
| |
| [v3_ocsp]
| |
| subjectKeyIdentifier=hash
| |
| #authorityKeyIdentifier=keyid:always,issuer:always
| |
| authorityKeyIdentifier=keyid:always
| |
| keyUsage=digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,keyCertSign,cRLSign
| |
| extendedKeyUsage=1.3.6.1.5.5.7.3.9
| |
| #basicConstraints=CA:FALSE
| |
| basicConstraints=CA:TRUE
| |
| nsComment="Testing OCSP Certificate"
| |
| 1.3.6.1.5.5.7.48.1.5=ASN1:NULL
| |
|
| |
| [req_issued]
| |
| prompt = no
| |
| oid_section = req_oids
| |
| distinguished_name = req_issued_name
| |
| default_md = SHA256
| |
|
| |
| [req_issued_name]
| |
| C=US
| |
| #stateOrProvinceName=SomeState
| |
| localityName=SomeCity
| |
| O=SomeOrg
| |
| commonName = Fedora
| |
|
| |
| [v3_issued]
| |
| #certificatePolicies=2.5.29.32.0,1.3.6.1.5.5.7.3.3,1.3.6.1.4.1.311.10.3.1
| |
| subjectKeyIdentifier=hash
| |
| authorityKeyIdentifier=keyid:always
| |
| #authorityKeyIdentifier=keyid:always,issuer:always
| |
| keyUsage = critical,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,keyCertSign,cRLSign,encipherOnly,decipherOnly
| |
| extendedKeyUsage = 1.3.6.1.5.5.7.3.3,1.3.6.1.4.1.311.10.3.1
| |
| basicConstraints=CA:FALSE
| |
| nsComment="Testing Certificate for Fedora"
| |
| </pre>
| |
