Created
September 27, 2012 21:00
-
-
Save boreal321/3796440 to your computer and use it in GitHub Desktop.
OpenSSL configuration file to generate a root certificate for signing client and web server certificates.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[ req ] | |
default_keyfile = ./root_CA.key | |
default_md = sha1 | |
distinguished_name = req_distinguished_name | |
x509_extensions = v3_ca | |
string_mask = nombstr | |
req_extensions = v3_req | |
[ req_distinguished_name ] | |
countryName = Country Name (2 letter code) | |
countryName_default = CA | |
countryName_min = 2 | |
countryName_max = 2 | |
stateOrProvinceName = State or Province Name (full name) | |
stateOrProvinceName_default = Ontario | |
localityName = Locality Name (eg, city) | |
localityName_default = Toronto | |
0.organizationName = Organization Name (eg, company) | |
0.organizationName_default = Company | |
organizationalUnitName = Organizational Unit Name (eg, section) | |
organizationalUnitName_default = Certification Services | |
commonName = Root CA Common Name | |
commonName_default = Company Root CA | |
commonName_max = 64 | |
[ ca_Default ] | |
default_md = sha1 | |
private_key = ./root_CA.key | |
[ v3_ca ] | |
basicConstraints = critical,CA:true | |
keyUsage = cRLSign,keyCertSign | |
nsCertType = objCA | |
nsCaPolicyUrl = http://example.com/ca-policy/ | |
subjectKeyIdentifier = hash | |
[ v3_req ] | |
nsCertType = emailCA,sslCA,objCA,objsign |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment