SHARE
TWEET

openssl.cnf

a guest Dec 23rd, 2015 119 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. [ req ]
  2. default_md = sha256
  3. distinguished_name = req_distinguished_name
  4.  
  5. [ req_distinguished_name ]
  6. countryName = Country
  7. countryName_default = FR
  8. countryName_min = 2
  9. countryName_max = 2
  10. localityName = Locality
  11. localityName_default = France
  12. organizationName = Organization
  13. organizationName_default = xxxxxxxxxx
  14. commonName = Common Name
  15. commonName_default = xxxxxxxxxx
  16. commonName_max = 64
  17.  
  18. [ certauth ]
  19. subjectKeyIdentifier = hash
  20. authorityKeyIdentifier = keyid:always,issuer:always
  21. basicConstraints = CA:true
  22. crlDistributionPoints = @crl
  23.  
  24. [ server ]
  25. basicConstraints = CA:FALSE
  26. keyUsage = digitalSignature, keyEncipherment, dataEncipherment
  27. extendedKeyUsage = serverAuth
  28. nsCertType = server
  29. crlDistributionPoints = @crl
  30.  
  31. [ client ]
  32. basicConstraints = CA:FALSE
  33. keyUsage = digitalSignature, keyEncipherment, dataEncipherment
  34. extendedKeyUsage = clientAuth
  35. nsCertType = client
  36. crlDistributionPoints = @crl
  37.  
  38. [ crl ]
  39. URI=ca.crl
  40.  
  41. [ ca ]
  42. default_ca = myca
  43.  
  44. [ myca ]
  45. dir = ./
  46. new_certs_dir = $dir
  47. unique_subject = no
  48. certificate = $dir/ca.cer
  49. database = $dir/certindex
  50. private_key = $dir/ca.key
  51. serial = $dir/certserial
  52. default_days = 365
  53. default_md = sha256
  54. policy = myca_policy
  55. x509_extensions = myca_extensions
  56. crlnumber = $dir/crlnumber
  57. default_crl_days = 365
  58.  
  59. [ myca_policy ]
  60. commonName = supplied
  61. stateOrProvinceName = supplied
  62. countryName = optional
  63. emailAddress = optional
  64. organizationName = supplied
  65. organizationalUnitName = optional
  66.  
  67. [ myca_extensions ]
  68. basicConstraints = CA:false
  69. subjectKeyIdentifier = hash
  70. authorityKeyIdentifier = keyid:always
  71. keyUsage = digitalSignature,keyEncipherment
  72. extendedKeyUsage = serverAuth
  73. subjectAltName  = @alt_names
  74.  
  75.  
  76. [alt_names]
  77. DNS.1 = xxxxxx.xxxx
  78. DNS.2 = *.xxxx.xxxx
  79. DNS.3 = www.xxxx.xxxx
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top