browser-csr-generation/ca.cnf

32 lines
822 B
Text
Raw Normal View History

extensions = v3_ext
[ca]
default_ca = EXAMPLECA
[EXAMPLECA]
dir = ./exampleca
certs = $dir/certs
crl_dir = $dir/crl
database = $dir/index.txt
new_certs_dir = $dir/newcerts
serial = $dir/serial
crl = $dir/crl.pem
certificate = $dir/ca.crt.pem
serial = $dir/serial
crl = $dir/crl.pem
private_key = $dir/private/ca.key.pem
RANDFILE = $dir/private/.rand
unique_subject = no
email_in_dn = no
default_md = sha256
[policy_match]
commonName = supplied
[client_ext]
basicConstraints = critical,CA:false
keyUsage = keyEncipherment,digitalSignature,nonRepudiation
extendedKeyUsage = clientAuth,emailProtection
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always