xref: /openssl/test/test.cnf (revision 7e3f7f1d) 
1
2####################################################################
3[ ca ]
4default_ca	= CA_default		# The default ca section
5
6####################################################################
7[ CA_default ]
8
9dir		= ./demoCA		# Where everything is kept
10certs		= $dir/certs		# Where the issued certs are kept
11crl_dir		= $dir/crl		# Where the issued crl are kept
12database	= $dir/index.txt	# database index file.
13new_certs_dir	= $dir/new_certs	# default place for new certs.
14
15certificate	= $dir/CAcert.pem 	# The CA certificate
16serial		= $dir/serial 		# The current serial number
17crl		= $dir/crl.pem 		# The current CRL
18private_key	= $dir/private/CAkey.pem# The private key
19
20default_days	= 365			# how long to certify for
21default_crl_days= 30			# how long before next CRL
22default_md	= md5			# which md to use.
23
24# A few difference way of specifying how similar the request should look
25# For type CA, the listed attributes must be the same, and the optional
26# and supplied fields are just that :-)
27policy		= policy_match
28
29# For the CA policy
30[ policy_match ]
31countryName		= match
32stateOrProvinceName	= match
33organizationName	= match
34organizationalUnitName	= optional
35commonName		= supplied
36emailAddress		= optional
37
38# For the 'anything' policy
39# At this point in time, you must list all acceptable 'object'
40# types.
41[ policy_anything ]
42countryName		= optional
43stateOrProvinceName	= optional
44localityName		= optional
45organizationName	= optional
46organizationalUnitName	= optional
47commonName		= supplied
48emailAddress		= optional
49
50####################################################################
51[ req ]
52distinguished_name	= req_distinguished_name
53
54# Make altreq be identical to req
55[ altreq ]
56distinguished_name	= req_distinguished_name
57encrypt_rsa_key		= no
58
59[ req_distinguished_name ]
60countryName			= C field
61countryName_value		= AU
62stateOrProvinceName		= SP field
63stateOrProvinceName_value	=
64localityName			= L field
65localityName_value		= Brisbane
66organizationName		= O field
67organizationName_value		= CryptSoft Pty Ltd
68organizationalUnitName		= OU field
69organizationalUnitName_value	= .
70commonName			= CN field
71commonName_value		= Eric Young
72emailAddress			= email field
73emailAddress_value		= eay@mincom.oz.au
74
75[ dirname_sec ]
76C  = UK
77O  = My Organization
78OU = My Unit
79CN = My Name
80
81[ reqexts ]
82keyUsage = critical,digitalSignature,keyEncipherment
83