nishim/openssl.ca.conf

## openssl.ca.conf
[ req ]
default_bits       = 4096
default_md         = sha512
prompt             = no
encrypt_key        = no
distinguished_name = req_distinguished_name
x509_extensions     = v3_ca

[ req_distinguished_name ]
countryName            = "JP"
commonName             = "My CA"

[ v3_ca ]
basicConstraints       = critical, CA:true
subjectKeyIdentifier   = hash
keyUsage               = critical, keyCertSign, cRLSign
	[ req ]
	default_bits = 4096
	default_md = sha512
	prompt = no
	encrypt_key = no
	distinguished_name = req_distinguished_name
	x509_extensions = v3_ca

	[ req_distinguished_name ]
	countryName = "JP"
	commonName = "My CA"

	[ v3_ca ]
	basicConstraints = critical, CA:true
	subjectKeyIdentifier = hash
	keyUsage = critical, keyCertSign, cRLSign