export KEY_CONFIG="$EASY_RSA/openssl-1.0.0.cnf"# Edit this variable to point

1. export KEY_CONFIG="$EASY_RSA/openssl-1.0.0.cnf"
2.  
3. # Edit this variable to point to
4. # your soon-to-be-created key
5. # directory.
6. #
7. # WARNING: clean-all will do
8. # a rm -rf on this directory
9. # so make sure you define
10. # it correctly!
11. export KEY_DIR="$EASY_RSA/keys"
12.  
13. # Issue rm -rf warning
14. echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
15.  
16. # PKCS11 fixes
17. export PKCS11_MODULE_PATH="dummy"
18. export PKCS11_PIN="dummy"
19.  
20. # Increase this to 2048 if you
21. # are paranoid. This will slow
22. # down TLS negotiation performance
23. # as well as the one-time DH parms
24. # generation process.
25. export KEY_SIZE=1024
26.  
27. # In how many days should the root CA key expire?
28. export CA_EXPIRE=3650
29.  
30. # In how many days should certificates expire?
31. export KEY_EXPIRE=3650
32.  
33. # These are the default values for fields
34. # which will be placed in the certificate.
35. # Don't leave any of these fields blank.
36. export KEY_COUNTRY="someplanet"
37. export KEY_PROVINCE="someprovince"
38. export KEY_CITY="someplace"
39. export KEY_ORG="someorg"
40. export KEY_EMAIL="myunique@email.com"
41. export KEY_EMAIL=mail@host.domain
42. export KEY_CN=changeme
43. export KEY_NAME=changeme
44. export KEY_OU=changeme
45. export PKCS11_MODULE_PATH=changeme
46. export PKCS11_PIN=1234