Guest User

openssl.cnf

a guest
Dec 23rd, 2015
202
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. [ req ]
  2. default_md = sha256
  3. distinguished_name = req_distinguished_name
  4.  
  5. [ req_distinguished_name ]
  6. countryName = Country
  7. countryName_default = FR
  8. countryName_min = 2
  9. countryName_max = 2
  10. localityName = Locality
  11. localityName_default = France
  12. organizationName = Organization
  13. organizationName_default = xxxxxxxxxx
  14. commonName = Common Name
  15. commonName_default = xxxxxxxxxx
  16. commonName_max = 64
  17.  
  18. [ certauth ]
  19. subjectKeyIdentifier = hash
  20. authorityKeyIdentifier = keyid:always,issuer:always
  21. basicConstraints = CA:true
  22. crlDistributionPoints = @crl
  23.  
  24. [ server ]
  25. basicConstraints = CA:FALSE
  26. keyUsage = digitalSignature, keyEncipherment, dataEncipherment
  27. extendedKeyUsage = serverAuth
  28. nsCertType = server
  29. crlDistributionPoints = @crl
  30.  
  31. [ client ]
  32. basicConstraints = CA:FALSE
  33. keyUsage = digitalSignature, keyEncipherment, dataEncipherment
  34. extendedKeyUsage = clientAuth
  35. nsCertType = client
  36. crlDistributionPoints = @crl
  37.  
  38. [ crl ]
  39. URI=ca.crl
  40.  
  41. [ ca ]
  42. default_ca = myca
  43.  
  44. [ myca ]
  45. dir = ./
  46. new_certs_dir = $dir
  47. unique_subject = no
  48. certificate = $dir/ca.cer
  49. database = $dir/certindex
  50. private_key = $dir/ca.key
  51. serial = $dir/certserial
  52. default_days = 365
  53. default_md = sha256
  54. policy = myca_policy
  55. x509_extensions = myca_extensions
  56. crlnumber = $dir/crlnumber
  57. default_crl_days = 365
  58.  
  59. [ myca_policy ]
  60. commonName = supplied
  61. stateOrProvinceName = supplied
  62. countryName = optional
  63. emailAddress = optional
  64. organizationName = supplied
  65. organizationalUnitName = optional
  66.  
  67. [ myca_extensions ]
  68. basicConstraints = CA:false
  69. subjectKeyIdentifier = hash
  70. authorityKeyIdentifier = keyid:always
  71. keyUsage = digitalSignature,keyEncipherment
  72. extendedKeyUsage = serverAuth
  73. subjectAltName = @alt_names
  74.  
  75.  
  76. [alt_names]
  77. DNS.1 = xxxxxx.xxxx
  78. DNS.2 = *.xxxx.xxxx
  79. DNS.3 = www.xxxx.xxxx
RAW Paste Data