blob: 1608778d3da15ceee227017a7e4071c53ddeeec4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
HOME = .
default_ca = ca
config_diagnostics = 1
####################################################################
[ req ]
x509_extensions = v3_ca
####################################################################
[ usr_cert ]
basicConstraints = critical, CA:FALSE
keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
subjectKeyIdentifier = hash
##authorityInfoAccess = OCSP;URI:http://127.0.0.1:19254/ocsp
# we do not include aia in the cert.
# we use the s_server option "-status_url" to specify the url.
####################################################################
[ v3_ca ]
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always
basicConstraints = critical,CA:true
keyUsage = critical, cRLSign, keyCertSign
####################################################################
# Minimal CA entry to allow generation of CRLs.
[ ca ]
default_md = sha256
database = index.txt
crlnumber = crlnum.txt
|
