|
1 # |
|
2 # SSLeay example configuration file. |
|
3 # This is mostly being used for generation of certificate requests. |
|
4 # |
|
5 |
|
6 RANDFILE = ./.rnd |
|
7 |
|
8 #################################################################### |
|
9 [ ca ] |
|
10 default_ca = CA_default # The default ca section |
|
11 |
|
12 #################################################################### |
|
13 [ CA_default ] |
|
14 |
|
15 dir = ./demoCA # Where everything is kept |
|
16 certs = $dir/certs # Where the issued certs are kept |
|
17 crl_dir = $dir/crl # Where the issued crl are kept |
|
18 database = $dir/index.txt # database index file. |
|
19 new_certs_dir = $dir/new_certs # default place for new certs. |
|
20 |
|
21 certificate = $dir/CAcert.pem # The CA certificate |
|
22 serial = $dir/serial # The current serial number |
|
23 crl = $dir/crl.pem # The current CRL |
|
24 private_key = $dir/private/CAkey.pem# The private key |
|
25 RANDFILE = $dir/private/.rand # private random number file |
|
26 |
|
27 default_days = 365 # how long to certify for |
|
28 default_crl_days= 30 # how long before next CRL |
|
29 default_md = md5 # which md to use. |
|
30 |
|
31 # A few difference way of specifying how similar the request should look |
|
32 # For type CA, the listed attributes must be the same, and the optional |
|
33 # and supplied fields are just that :-) |
|
34 policy = policy_match |
|
35 |
|
36 # For the CA policy |
|
37 [ policy_match ] |
|
38 countryName = match |
|
39 stateOrProvinceName = match |
|
40 organizationName = match |
|
41 organizationalUnitName = optional |
|
42 commonName = supplied |
|
43 emailAddress = optional |
|
44 |
|
45 # For the 'anything' policy |
|
46 # At this point in time, you must list all acceptable 'object' |
|
47 # types. |
|
48 [ policy_anything ] |
|
49 countryName = optional |
|
50 stateOrProvinceName = optional |
|
51 localityName = optional |
|
52 organizationName = optional |
|
53 organizationalUnitName = optional |
|
54 commonName = supplied |
|
55 emailAddress = optional |
|
56 |
|
57 #################################################################### |
|
58 [ req ] |
|
59 default_bits = 512 |
|
60 default_keyfile = testkey.pem |
|
61 distinguished_name = req_distinguished_name |
|
62 encrypt_rsa_key = no |
|
63 |
|
64 [ req_distinguished_name ] |
|
65 countryName = Country Name (2 letter code) |
|
66 countryName_default = AU |
|
67 countryName_value = AU |
|
68 |
|
69 stateOrProvinceName = State or Province Name (full name) |
|
70 stateOrProvinceName_default = Queensland |
|
71 stateOrProvinceName_value = |
|
72 |
|
73 localityName = Locality Name (eg, city) |
|
74 localityName_value = Brisbane |
|
75 |
|
76 organizationName = Organization Name (eg, company) |
|
77 organizationName_default = |
|
78 organizationName_value = CryptSoft Pty Ltd |
|
79 |
|
80 organizationalUnitName = Organizational Unit Name (eg, section) |
|
81 organizationalUnitName_default = |
|
82 organizationalUnitName_value = . |
|
83 |
|
84 commonName = Common Name (eg, YOUR name) |
|
85 commonName_value = Eric Young |
|
86 |
|
87 emailAddress = Email Address |
|
88 emailAddress_value = eay@mincom.oz.au |