aia-test.cnf revision 90dce4d38c5ff5333bea97d859d4e484e27edf0c 
1CA_DIR=out
2CA_NAME=aia-test-root
3AIA_URL=http://aia-test.invalid
4
5[ca]
6default_ca = CA_root
7preserve   = yes
8
9[CA_root]
10dir           = ${ENV::CA_DIR}
11key_size      = 2048
12algo          = sha1
13database      = $dir/${ENV::CA_NAME}-index.txt
14new_certs_dir = $dir
15serial        = $dir/${ENV::CA_NAME}-serial
16certificate   = $dir/${ENV::CA_NAME}.pem
17private_key   = $dir/${ENV::CA_NAME}.key
18RANDFILE      = $dir/.rand
19default_days     = 3650
20default_crl_days = 30
21default_md       = sha1
22policy           = policy_anything
23unique_subject   = no
24copy_extensions  = copy
25
26[user_cert]
27basicConstraints       = critical, CA:false
28extendedKeyUsage       = serverAuth, clientAuth
29authorityInfoAccess    = caIssuers;URI:${ENV::AIA_URL}
30
31[ca_cert]
32basicConstraints       = critical, CA:true
33keyUsage               = critical, keyCertSign, cRLSign
34
35[policy_anything]
36# Default signing policy
37countryName            = optional
38stateOrProvinceName    = optional
39localityName           = optional
40organizationName       = optional
41organizationalUnitName = optional
42commonName             = optional
43emailAddress           = optional
44
45[req]
46default_bits       = 2048
47default_md         = sha1
48string_mask        = utf8only
49prompt             = no
50encrypt_key        = no
51distinguished_name = req_env_dn
52
53[req_env_dn]
54CN = ${ENV::CA_COMMON_NAME}
55
56