| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647 |
- [ca]
- default_ca = CA_default
- [CA_default]
- database = dir/index.txt
- serial = dir/serial.txt
- new_certs_dir = ./certdir
- private_key = rca-private-key.pem
- default_days = 365
- certificate = rca-signed-cert.pem
- default_md = sha256
- policy = policy_any
- email_in_dn = no
- [ICA_default]
- database = idir/index.txt
- serial = idir/serial.txt
- new_certs_dir = ./icertdir
- private_key = ica-private-key.pem
- default_days = 365
- certificate = ica-signed-cert.pem
- default_md = sha256
- policy = policy_any
- email_in_dn = no
- [policy_any]
- countryName = supplied
- stateOrProvinceName = optional
- organizationName = optional
- organizationalUnitName = optional
- commonName = optional
- emailAddress = optional
- [ v3_ca ]
- subjectKeyIdentifier = hash
- authorityKeyIdentifier = keyid:always,issuer
- basicConstraints = critical, CA:true
- keyUsage = critical, keyCertSign, cRLSign
- [ v3_intermediate_ca ]
- subjectKeyIdentifier = hash
- authorityKeyIdentifier = keyid:always,issuer
- basicConstraints = critical, CA:true, pathlen:0
- keyUsage = critical, digitalSignature, cRLSign, keyCertSign
|
