Created
August 17, 2008 02:42
-
-
Save patrickberkeley/5783 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# My sample caconfig.cnf file. | |
# | |
# Default configuration to use when one is not provided on the command line. | |
# | |
[ ca ] | |
default_ca = local_ca | |
# | |
# | |
# Default location of directories and files needed to generate certificates. | |
# | |
[ local_ca ] | |
dir = /home/<username>/myCA | |
certificate = $dir/cacert.pem | |
database = $dir/index.txt | |
new_certs_dir = $dir/signedcerts | |
private_key = $dir/private/cakey.pem | |
serial = $dir/serial | |
# | |
# | |
# Default expiration and encryption policies for certificates. | |
# | |
default_crl_days = 365 | |
default_days = 1825 | |
default_md = md5 | |
# | |
policy = local_ca_policy | |
x509_extensions = local_ca_extensions | |
# | |
# | |
# Default policy to use when generating server certificates. The following | |
# fields must be defined in the server certificate. | |
# | |
[ local_ca_policy ] | |
commonName = supplied | |
stateOrProvinceName = supplied | |
countryName = supplied | |
emailAddress = supplied | |
organizationName = supplied | |
organizationalUnitName = supplied | |
# | |
# | |
# x509 extensions to use when generating server certificates. | |
# | |
[ local_ca_extensions ] | |
subjectAltName = DNS:alt.tradeshowhell.com | |
basicConstraints = CA:false | |
nsCertType = server | |
# | |
# | |
# The default root certificate generation policy. | |
# | |
[ req ] | |
default_bits = 2048 | |
default_keyfile = /home/<username>/myCA/private/cakey.pem | |
default_md = md5 | |
# | |
prompt = no | |
distinguished_name = root_ca_distinguished_name | |
x509_extensions = root_ca_extensions | |
# | |
# | |
# Root Certificate Authority distinguished name. Change these fields to match | |
# your local environment! | |
# | |
[ root_ca_distinguished_name ] | |
commonName = MyOwn Root Certificate Authority | |
stateOrProvinceName = NC | |
countryName = US | |
emailAddress = root@tradeshowhell.com | |
organizationName = Trade Show Hell | |
organizationalUnitName = IT Department | |
# | |
[ root_ca_extensions ] | |
basicConstraints = CA:true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment