aboutsummaryrefslogtreecommitdiff
path: root/openssl-1.1.0h/demos/certs/apps/apps.cnf
diff options
context:
space:
mode:
Diffstat (limited to 'openssl-1.1.0h/demos/certs/apps/apps.cnf')
-rw-r--r--openssl-1.1.0h/demos/certs/apps/apps.cnf69
1 files changed, 69 insertions, 0 deletions
diff --git a/openssl-1.1.0h/demos/certs/apps/apps.cnf b/openssl-1.1.0h/demos/certs/apps/apps.cnf
new file mode 100644
index 0000000..531afe6
--- /dev/null
+++ b/openssl-1.1.0h/demos/certs/apps/apps.cnf
@@ -0,0 +1,69 @@
+#
+# OpenSSL configuration file to create apps directory certificates
+#
+
+# This definition stops the following lines choking if HOME or CN
+# is undefined.
+HOME = .
+RANDFILE = $ENV::HOME/.rnd
+CN = "Not Defined"
+
+####################################################################
+[ req ]
+default_bits = 2048
+default_keyfile = privkey.pem
+# Don't prompt for fields: use those in section directly
+prompt = no
+distinguished_name = req_distinguished_name
+x509_extensions = v3_ca # The extensions to add to the self signed cert
+string_mask = utf8only
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+[ req_distinguished_name ]
+countryName = UK
+
+organizationName = OpenSSL Group
+organizationalUnitName = FOR TESTING PURPOSES ONLY
+# Take CN from environment so it can come from a script.
+commonName = $ENV::CN
+
+[ usr_cert ]
+
+# These extensions are added when 'ca' signs a request for an end entity
+# certificate
+
+basicConstraints=critical, CA:FALSE
+keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment = "OpenSSL Generated Certificate"
+
+[ ec_cert ]
+
+# These extensions are added when 'ca' signs a request for an end entity
+# certificate
+
+basicConstraints=critical, CA:FALSE
+keyUsage=critical, nonRepudiation, digitalSignature, keyAgreement
+
+# This will be displayed in Netscape's comment listbox.
+nsComment = "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid
+
+[ v3_ca ]
+
+
+# Extensions for a typical CA
+
+# PKIX recommendation.
+
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always
+basicConstraints = critical,CA:true
+keyUsage = critical, cRLSign, keyCertSign
+
+
generated by cgit