ap/lib/libssl/openssl-1.1.1o/test/CAss.cnf - T106_DC - Gitiles

 #
 # SSLeay example configuration file.
 # This is mostly being used for generation of certificate requests.
 #

 RANDFILE		= ./.rnd

 ####################################################################
 [ req ]
 default_bits		= 2048
 default_keyfile 	= keySS.pem
 distinguished_name	= req_distinguished_name
 encrypt_rsa_key		= no
 default_md		= sha1

 [ req_distinguished_name ]
 countryName			= Country Name (2 letter code)
 countryName_default		= AU
 countryName_value		= AU

 organizationName		= Organization Name (eg, company)
 organizationName_value		= Dodgy Brothers

 commonName			= Common Name (eg, YOUR name)
 commonName_value		= Dodgy CA

 ####################################################################
 [ ca ]
 default_ca	= CA_default		# The default ca section

 ####################################################################
 [ CA_default ]

 dir		= ./demoCA		# Where everything is kept
 certs		= $dir/certs		# Where the issued certs are kept
 crl_dir		= $dir/crl		# Where the issued crl are kept
 database	= $dir/index.txt	# database index file.
 #unique_subject	= no			# Set to 'no' to allow creation of
 					# several certificates with same subject.
 new_certs_dir	= $dir/newcerts		# default place for new certs.

 certificate	= $dir/cacert.pem 	# The CA certificate
 serial		= $dir/serial 		# The current serial number
 crl		= $dir/crl.pem 		# The current CRL
 private_key	= $dir/private/cakey.pem# The private key
 RANDFILE	= $dir/private/.rand	# private random number file

 x509_extensions	= v3_ca			# The extensions to add to the cert

 name_opt 	= ca_default		# Subject Name options
 cert_opt 	= ca_default		# Certificate field options

 default_days	= 365			# how long to certify for
 default_crl_days= 30			# how long before next CRL
 default_md	= md5			# which md to use.
 preserve	= no			# keep passed DN ordering

 policy		= policy_anything

 [ policy_anything ]
 countryName		= optional
 stateOrProvinceName	= optional
 localityName		= optional
 organizationName	= optional
 organizationalUnitName	= optional
 commonName		= supplied
 emailAddress		= optional


 [ v3_ca ]
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid:always,issuer:always
 basicConstraints = critical,CA:true,pathlen:1
 keyUsage = cRLSign, keyCertSign
 issuerAltName=issuer:copy
	#
	# SSLeay example configuration file.
	# This is mostly being used for generation of certificate requests.
	#

	RANDFILE = ./.rnd

	####################################################################
	[ req ]
	default_bits = 2048
	default_keyfile = keySS.pem
	distinguished_name = req_distinguished_name
	encrypt_rsa_key = no
	default_md = sha1

	[ req_distinguished_name ]
	countryName = Country Name (2 letter code)
	countryName_default = AU
	countryName_value = AU

	organizationName = Organization Name (eg, company)
	organizationName_value = Dodgy Brothers

	commonName = Common Name (eg, YOUR name)
	commonName_value = Dodgy CA

	####################################################################
	[ ca ]
	default_ca = CA_default # The default ca section

	####################################################################
	[ CA_default ]

	dir = ./demoCA # Where everything is kept
	certs = $dir/certs # Where the issued certs are kept
	crl_dir = $dir/crl # Where the issued crl are kept
	database = $dir/index.txt # database index file.
	#unique_subject = no # Set to 'no' to allow creation of
	# several certificates with same subject.
	new_certs_dir = $dir/newcerts # default place for new certs.

	certificate = $dir/cacert.pem # The CA certificate
	serial = $dir/serial # The current serial number
	crl = $dir/crl.pem # The current CRL
	private_key = $dir/private/cakey.pem# The private key
	RANDFILE = $dir/private/.rand # private random number file

	x509_extensions = v3_ca # The extensions to add to the cert

	name_opt = ca_default # Subject Name options
	cert_opt = ca_default # Certificate field options

	default_days = 365 # how long to certify for
	default_crl_days= 30 # how long before next CRL
	default_md = md5 # which md to use.
	preserve = no # keep passed DN ordering

	policy = policy_anything

	[ policy_anything ]
	countryName = optional
	stateOrProvinceName = optional
	localityName = optional
	organizationName = optional
	organizationalUnitName = optional
	commonName = supplied
	emailAddress = optional



	[ v3_ca ]
	subjectKeyIdentifier=hash
	authorityKeyIdentifier=keyid:always,issuer:always
	basicConstraints = critical,CA:true,pathlen:1
	keyUsage = cRLSign, keyCertSign
	issuerAltName=issuer:copy