|
|
| Line 1: |
Line 1: |
| − | <pre>
| |
| − | [ca]
| |
| − | default_ca = issuer
| |
| | | | |
| − | [issuer]
| |
| − | private_key = /home/pjones/db/ca.key
| |
| − | certificate = /home/pjones/db/ca.crt
| |
| − | database = /home/pjones/db/ca.db
| |
| − | serial = /home/pjones/db/ca.srl
| |
| − | default_md = SHA256
| |
| − | new_certs_dir = /tmp/tmp.Ee0O9HNoGJ
| |
| − | policy = no_policy
| |
| − |
| |
| − | [no_policy]
| |
| − |
| |
| − | [req_oids]
| |
| − | domainComponent = 0.9.2342.19200300.100.1.25
| |
| − |
| |
| − | [req_ca]
| |
| − | prompt = no
| |
| − | oid_section = req_oids
| |
| − | distinguished_name = req_ca_name
| |
| − | default_md = SHA256
| |
| − | subjectKeyIdentifier=hash
| |
| − |
| |
| − | [req_ca_name]
| |
| − | C=US
| |
| − | #stateOrProvinceName=SomeState
| |
| − | localityName=SomeCity
| |
| − | O=SomeOrg
| |
| − | #commonName = Test Certifying CA
| |
| − |
| |
| − | [v3_ca]
| |
| − | subjectKeyIdentifier=hash
| |
| − | authorityKeyIdentifier=keyid:always
| |
| − | #authorityKeyIdentifier=keyid:always,issuer:always
| |
| − | keyUsage=nonRepudiation,digitalSignature,keyEncipherment,dataEncipherment,keyAgreement,keyCertSign,cRLSign
| |
| − | basicConstraints=critical,CA:TRUE
| |
| − | nsComment="Testing CA Certificate"
| |
| − |
| |
| − | [req_ocsp]
| |
| − | prompt = no
| |
| − | oid_section = req_oids
| |
| − | distinguished_name = req_ocsp_name
| |
| − | default_md = SHA256
| |
| − |
| |
| − | [req_ocsp_name]
| |
| − | C=US
| |
| − | #stateOrProvinceName=SomeState
| |
| − | localityName=SomeOrg
| |
| − | O=SomeOrg
| |
| − | #commonName = OCSP Signer for Test Certifying CA
| |
| − |
| |
| − | [v3_ocsp]
| |
| − | subjectKeyIdentifier=hash
| |
| − | #authorityKeyIdentifier=keyid:always,issuer:always
| |
| − | authorityKeyIdentifier=keyid:always
| |
| − | keyUsage=digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,keyCertSign,cRLSign
| |
| − | extendedKeyUsage=1.3.6.1.5.5.7.3.9
| |
| − | #basicConstraints=CA:FALSE
| |
| − | basicConstraints=CA:TRUE
| |
| − | nsComment="Testing OCSP Certificate"
| |
| − | 1.3.6.1.5.5.7.48.1.5=ASN1:NULL
| |
| − |
| |
| − | [req_issued]
| |
| − | prompt = no
| |
| − | oid_section = req_oids
| |
| − | distinguished_name = req_issued_name
| |
| − | default_md = SHA256
| |
| − |
| |
| − | [req_issued_name]
| |
| − | C=US
| |
| − | #stateOrProvinceName=SomeState
| |
| − | localityName=SomeCity
| |
| − | O=SomeOrg
| |
| − | commonName = Fedora
| |
| − |
| |
| − | [v3_issued]
| |
| − | #certificatePolicies=2.5.29.32.0,1.3.6.1.5.5.7.3.3,1.3.6.1.4.1.311.10.3.1
| |
| − | subjectKeyIdentifier=hash
| |
| − | authorityKeyIdentifier=keyid:always
| |
| − | #authorityKeyIdentifier=keyid:always,issuer:always
| |
| − | keyUsage = critical,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,keyCertSign,cRLSign,encipherOnly,decipherOnly
| |
| − | extendedKeyUsage = 1.3.6.1.5.5.7.3.3,1.3.6.1.4.1.311.10.3.1
| |
| − | basicConstraints=CA:FALSE
| |
| − | nsComment="Testing Certificate for Fedora"
| |
| − | </pre>
| |
