API tools faq
paste
Guest User

S/mime part 2

a guest
Oct 22nd, 2016
210
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.34 KB | None | 0 0
raw download clone embed print report
  1. CA file
  2.  
  3. HOME = .
  4. RANDFILE = $ENV::HOME/.rnd
  5.  
  6. ####################################################################
  7. [ ca ]
  8. default_ca = CA_default # The default ca section
  9.  
  10. [ CA_default ]
  11.  
  12. default_days = 1825 # how long to certify for
  13. default_crl_days= 1820 # how long before next CRL
  14. default_md = sha512 # use public key default MD
  15. preserve = no # keep passed DN ordering
  16.  
  17. x509_extensions = ca_extensions # The extensions to add to the cert
  18.  
  19. email_in_dn = no # Don't concat the email in the DN
  20. copy_extensions = copy # Required to copy SANs from CSR to cert
  21. base_dir = .
  22. certificate = $base_dir/cacert.pem # The CA certifcate
  23. private_key = $base_dir/cakey.pem # The CA private key
  24. new_certs_dir = $base_dir # Location for new certs after signing
  25. database = $base_dir/index.txt # Database index file
  26. serial = $base_dir/serial.txt # The current serial number
  27.  
  28. unique_subject = no # Set to 'no' to allow creation of
  29. # several certificates with same subject.
  30. ####################################################################
  31. [ req ]
  32. default_bits = 4096
  33. default_keyfile = cakey.pem
  34. distinguished_name = ca_distinguished_name
  35. x509_extensions = ca_extensions
  36. string_mask = utf8only
  37.  
  38. ####################################################################
  39. [ ca_distinguished_name ]
  40. countryName = Country Name (2 letter code)
  41. countryName_default = XX
  42.  
  43. stateOrProvinceName = State or Province Name (full name)
  44. stateOrProvinceName_default = XX
  45.  
  46. localityName = Locality Name (eg, city)
  47. localityName_default = XX
  48.  
  49. organizationName = Organization Name (eg, company)
  50. organizationName_default = Test CA, Limited
  51.  
  52. organizationalUnitName = Organizational Unit (eg, division)
  53. organizationalUnitName_default = Server Research Department
  54.  
  55. commonName = Common Name (e.g. server FQDN or YOUR name)
  56. commonName_default = CA-01
  57.  
  58. emailAddress = Email Address
  59. emailAddress_default = XXXXX@XXXXX
  60.  
  61. ####################################################################
  62. [ ca_extensions ]
  63.  
  64. subjectKeyIdentifier=hash
  65. authorityKeyIdentifier=keyid:always, issuer
  66. basicConstraints = critical, CA:true
  67. keyUsage = keyCertSign, cRLSign
  68.  
  69. ####################################################################
  70. [ signing_policy ]
  71. countryName = optional
  72. stateOrProvinceName = optional
  73. localityName = optional
  74. organizationName = optional
  75. organizationalUnitName = optional
  76. commonName = supplied
  77. emailAddress = optional
  78.  
  79. ####################################################################
  80. [ signing_req ]
  81. subjectKeyIdentifier=hash
  82. authorityKeyIdentifier=keyid,issuer
  83.  
  84.  
  85. Server file
  86.  
  87. \HOME = .
  88. RANDFILE = $ENV::HOME/.rnd
  89.  
  90. ####################################################################
  91. [ req ]
  92. default_bits = 4096
  93. default_keyfile = serverkey.pem
  94. distinguished_name = server_distinguished_name
  95. req_extensions = server_req_extensions
  96. string_mask = utf8only
  97.  
  98. ####################################################################
  99. [ server_distinguished_name ]
  100. countryName = Country Name (2 letter code)
  101. countryName_default = XX
  102.  
  103. stateOrProvinceName = State or Province Name (full name)
  104. stateOrProvinceName_default = XX
  105.  
  106. localityName = Locality Name (eg, city)
  107. localityName_default = XX
  108.  
  109. organizationName = Organization Name (eg, company)
  110. organizationName_default = XX
  111.  
  112. commonName = Common Name (e.g. server FQDN or YOUR name)
  113. commonName_default = [email protected]
  114.  
  115. emailAddress = Email Address
  116. emailAddress_default = [email protected]
  117.  
  118. ####################################################################
  119. [ server_req_extensions ]
  120.  
  121. subjectKeyIdentifier = hash
  122. basicConstraints = CA:FALSE
  123. keyUsage = digitalSignature, keyEncipherment
  124. subjectAltName = @alternate_names
  125. nsComment = "OpenSSL Generated Certificate"
  126.  
  127. ####################################################################
  128. [ alternate_names ]
  129.  
  130. DNS.1 = example.com
  131. DNS.2 = www.example.com
  132. DNS.3 = mail.example.com
  133. DNS.4 = ftp.example.com
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!