41 lines
1.0 KiB
INI
41 lines
1.0 KiB
INI
#
|
|
# OpenSSL configuration file.
|
|
#
|
|
|
|
[ withLeadingPeriod ]
|
|
subjectKeyIdentifier = hash
|
|
authorityKeyIdentifier = keyid:always,issuer
|
|
basicConstraints = critical,CA:true
|
|
keyUsage = critical,keyCertSign
|
|
nameConstraints = critical,permitted;DNS:.example.com
|
|
|
|
[ withoutLeadingPeriod ]
|
|
subjectKeyIdentifier = hash
|
|
authorityKeyIdentifier = keyid:always,issuer
|
|
basicConstraints = critical,CA:true
|
|
keyUsage = critical,keyCertSign
|
|
nameConstraints = critical,permitted;DNS:example.com
|
|
|
|
[ v3_ca ]
|
|
subjectKeyIdentifier = hash
|
|
authorityKeyIdentifier = keyid:always,issuer
|
|
basicConstraints = critical,CA:true
|
|
keyUsage = critical,keyCertSign
|
|
|
|
|
|
[req]
|
|
distinguished_name = req_distinguished_name
|
|
x509_extensions = v3_ca # The extentions to add to self signed certs
|
|
req_extensions = v3_req # The extensions to add to req's
|
|
|
|
prompt = no
|
|
|
|
[req_distinguished_name]
|
|
C = US
|
|
O = Example
|
|
CN = example.com
|
|
|
|
[v3_req]
|
|
keyUsage = keyEncipherment, dataEncipherment
|
|
extendedKeyUsage = serverAuth
|