CAss.cnf revision 392aa7cc7d2b122614c5393c3e357da07fd07af3 
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5
6RANDFILE		= /sdcard/android.testssl/.rnd
7
8####################################################################
9[ req ]
10default_bits		= 2048
11default_keyfile 	= keySS.pem
12distinguished_name	= req_distinguished_name
13encrypt_rsa_key		= no
14default_md		= sha1
15
16[ req_distinguished_name ]
17countryName			= Country Name (2 letter code)
18countryName_default		= AU
19countryName_value		= AU
20
21organizationName		= Organization Name (eg, company)
22organizationName_value		= Dodgy Brothers
23
24commonName			= Common Name (eg, YOUR name)
25commonName_value		= Dodgy CA
26
27####################################################################
28[ ca ]
29default_ca	= CA_default		# The default ca section
30
31####################################################################
32[ CA_default ]
33
34dir		= ./demoCA		# Where everything is kept
35certs		= $dir/certs		# Where the issued certs are kept
36crl_dir		= $dir/crl		# Where the issued crl are kept
37database	= $dir/index.txt	# database index file.
38#unique_subject	= no			# Set to 'no' to allow creation of
39					# several ctificates with same subject.
40new_certs_dir	= $dir/newcerts		# default place for new certs.
41
42certificate	= $dir/cacert.pem 	# The CA certificate
43serial		= $dir/serial 		# The current serial number
44crl		= $dir/crl.pem 		# The current CRL
45private_key	= $dir/private/cakey.pem# The private key
46RANDFILE	= $dir/private/.rand	# private random number file
47
48x509_extensions	= v3_ca			# The extentions to add to the cert
49
50name_opt 	= ca_default		# Subject Name options
51cert_opt 	= ca_default		# Certificate field options
52
53default_days	= 365			# how long to certify for
54default_crl_days= 30			# how long before next CRL
55default_md	= md5			# which md to use.
56preserve	= no			# keep passed DN ordering
57
58policy		= policy_anything
59
60[ policy_anything ]
61countryName		= optional
62stateOrProvinceName	= optional
63localityName		= optional
64organizationName	= optional
65organizationalUnitName	= optional
66commonName		= supplied
67emailAddress		= optional
68
69
70
71[ v3_ca ]
72subjectKeyIdentifier=hash
73authorityKeyIdentifier=keyid:always,issuer:always
74basicConstraints = CA:true,pathlen:1
75keyUsage = cRLSign, keyCertSign
76issuerAltName=issuer:copy
77