# openssl.config## Config file for OpenSSL CA[ ca ]default_ca = ca_default # The default ca section[ Root1 ]dir = Root1database = $dir\\index.txt # index file.new_certs_dir = $dir\\certs # new certs dircertificate = $dir\\certs\\ca.pem # The CA certserial = $dir\\serial # serial no fileprivate_key = $dir\\private\\ca.key.pem # CA private keyRANDFILE = $dir\\private\\.rand # random number filedefault_days = 365 # how long to certify fordefault_crl_days= 30 # how long before next CRLdefault_md = md5 # md to usepolicy = ca_policy # our policyemail_in_dn = no # Don't add the email into cert DNnameopt = default_ca # Subject name display optioncertopt = default_ca # Certificate display optioncopy_extensions = none # Don't copy extensions from requestdistinguished_name = root_ca_distinguished_name[ Root2 ]dir = Root2database = $dir\\index.txt # index file.new_certs_dir = $dir\\certs # new certs dircertificate = $dir\\certs\\ca.pem # The CA certserial = $dir\\serial # serial no fileprivate_key = $dir\\private\\ca.key.pem # CA private keyRANDFILE = $dir\\private\\.rand # random number filedefault_days = 365 # how long to certify fordefault_crl_days= 30 # how long before next CRLdefault_md = sha1 # md to usepolicy = ca_policy # our policyemail_in_dn = no # Don't add the email into cert DNnameopt = default_ca # Subject name display optioncertopt = default_ca # Certificate display optioncopy_extensions = none # Don't copy extensions from request[ Root5]dir = Root5database = $dir\\index.txt # index file.new_certs_dir = $dir\\certs # new certs dircertificate = $dir\\certs\\ca.pem # The CA certserial = $dir\\serial # serial no fileprivate_key = $dir\\private\\ca.key.pem # CA private keyRANDFILE = $dir\\private\\.rand # random number filedefault_days = 365 # how long to certify fordefault_crl_days= 30 # how long before next CRLdefault_md = md5 # md to usepolicy = ca_policy # our policyemail_in_dn = no # Don't add the email into cert DNnameopt = default_ca # Subject name display optioncertopt = default_ca # Certificate display optioncopy_extensions = none # Don't copy extensions from request[ Root5-Mid ]dir = Root5-Middatabase = $dir\\index.txt # index file.new_certs_dir = $dir\\certs # new certs dircertificate = $dir\\certs\\Mid-R5.pem # The CA certserial = $dir\\serial # serial no fileprivate_key = $dir\\private\\Mid-R5.key.pem # CA private keyRANDFILE = $dir\\private\\.rand # random number filedefault_days = 365 # how long to certify fordefault_crl_days= 30 # how long before next CRLdefault_md = md5 # md to usepolicy = ca_policy # our policyemail_in_dn = no # Don't add the email into cert DNnameopt = default_ca # Subject name display optioncertopt = default_ca # Certificate display optioncopy_extensions = none # Don't copy extensions from request[ Root3-OCSP ]dir = Root3-OCSPdatabase = $dir\\index.txt # index file.new_certs_dir = $dir\\certs # new certs dircertificate = $dir\\certs\\ca.pem # The CA certserial = $dir\\serial # serial no fileprivate_key = $dir\\private\\ca.key.pem # CA private keyRANDFILE = $dir\\private\\.rand # random number filedefault_days = 365 # how long to certify fordefault_crl_days= 30 # how long before next CRLdefault_md = md5 # md to usepolicy = ca_policy # our policyemail_in_dn = no # Don't add the email into cert DNnameopt = default_ca # Subject name display optioncertopt = default_ca # Certificate display optioncopy_extensions = none # Don't copy extensions from request[ Root1-OCSP ]dir = Root1-OCSPdatabase = $dir\\index.txt # index file.new_certs_dir = $dir\\certs # new certs dircertificate = $dir\\certs\\ca.pem # The CA certserial = $dir\\serial # serial no fileprivate_key = $dir\\private\\ca.key.pem # CA private keyRANDFILE = $dir\\private\\.rand # random number filedefault_days = 365 # how long to certify fordefault_crl_days= 30 # how long before next CRLdefault_md = md5 # md to usepolicy = ca_policy # our policyemail_in_dn = no # Don't add the email into cert DNnameopt = default_ca # Subject name display optioncertopt = default_ca # Certificate display optioncopy_extensions = none [ Root2-OCSP ]dir = Root2-OCSPdatabase = $dir\\index.txt # index file.new_certs_dir = $dir\\certs # new certs dircertificate = $dir\\certs\\ca.pem # The CA certserial = $dir\\serial # serial no fileprivate_key = $dir\\private\\ca.key.pem # CA private keyRANDFILE = $dir\\private\\.rand # random number filedefault_days = 365 # how long to certify fordefault_crl_days= 30 # how long before next CRLdefault_md = md5 # md to usepolicy = ca_policy # our policyemail_in_dn = no # Don't add the email into cert DNnameopt = default_ca # Subject name display optioncertopt = default_ca # Certificate display optioncopy_extensions = none [ Root5_Root_Ext ]keyUsage=critical,keyCertSignbasicConstraints=critical,CA:TRUE, pathlen:5subjectKeyIdentifier=hash[ Root5_Ext ]extendedKeyUsage=codeSigningcertificatePolicies=1.2.826.0.1.1796587.1[ Root5_Mid ]keyUsage=critical,keyCertSignbasicConstraints=critical,CA:TRUE, pathlen:5subjectKeyIdentifier=hash[ Root5_Mid_EE ]extendedKeyUsage=codeSigningcertificatePolicies=1.2.826.0.1.1796587.1basicConstraints=critical,CA:FALSE[ NoOCSP_Ext ]1.3.6.1.5.5.7.48.1.5=DER:0500[ req ]distinguished_name = root_ca_distinguished_name[ ca_policy ]organizationName = suppliedcommonName = supplied[ root_ca_distinguished_name ] commonName = Symbian Software Ltd stateOrProvinceName = London countryName = UK emailAddress = Jeremy.Smithers@Symbian.com organizationName = Symbian Software Ltd