1*ebfedea0SLionel Sambuc# 2*ebfedea0SLionel Sambuc# SSLeay example configuration file. 3*ebfedea0SLionel Sambuc# This is mostly being used for generation of certificate requests. 4*ebfedea0SLionel Sambuc# 5*ebfedea0SLionel Sambuc 6*ebfedea0SLionel SambucRANDFILE = ./.rnd 7*ebfedea0SLionel Sambuc 8*ebfedea0SLionel Sambuc#################################################################### 9*ebfedea0SLionel Sambuc[ ca ] 10*ebfedea0SLionel Sambucdefault_ca = CA_default # The default ca section 11*ebfedea0SLionel Sambuc 12*ebfedea0SLionel Sambuc#################################################################### 13*ebfedea0SLionel Sambuc[ CA_default ] 14*ebfedea0SLionel Sambuc 15*ebfedea0SLionel Sambucdir = ./demoCA # Where everything is kept 16*ebfedea0SLionel Sambuccerts = $dir/certs # Where the issued certs are kept 17*ebfedea0SLionel Sambuccrl_dir = $dir/crl # Where the issued crl are kept 18*ebfedea0SLionel Sambucdatabase = $dir/index.txt # database index file. 19*ebfedea0SLionel Sambucnew_certs_dir = $dir/new_certs # default place for new certs. 20*ebfedea0SLionel Sambuc 21*ebfedea0SLionel Sambuccertificate = $dir/CAcert.pem # The CA certificate 22*ebfedea0SLionel Sambucserial = $dir/serial # The current serial number 23*ebfedea0SLionel Sambuccrl = $dir/crl.pem # The current CRL 24*ebfedea0SLionel Sambucprivate_key = $dir/private/CAkey.pem# The private key 25*ebfedea0SLionel SambucRANDFILE = $dir/private/.rand # private random number file 26*ebfedea0SLionel Sambuc 27*ebfedea0SLionel Sambucdefault_days = 365 # how long to certify for 28*ebfedea0SLionel Sambucdefault_crl_days= 30 # how long before next CRL 29*ebfedea0SLionel Sambucdefault_md = md5 # which md to use. 30*ebfedea0SLionel Sambuc 31*ebfedea0SLionel Sambuc# A few difference way of specifying how similar the request should look 32*ebfedea0SLionel Sambuc# For type CA, the listed attributes must be the same, and the optional 33*ebfedea0SLionel Sambuc# and supplied fields are just that :-) 34*ebfedea0SLionel Sambucpolicy = policy_match 35*ebfedea0SLionel Sambuc 36*ebfedea0SLionel Sambuc# For the CA policy 37*ebfedea0SLionel Sambuc[ policy_match ] 38*ebfedea0SLionel SambuccountryName = match 39*ebfedea0SLionel SambucstateOrProvinceName = match 40*ebfedea0SLionel SambucorganizationName = match 41*ebfedea0SLionel SambucorganizationalUnitName = optional 42*ebfedea0SLionel SambuccommonName = supplied 43*ebfedea0SLionel SambucemailAddress = optional 44*ebfedea0SLionel Sambuc 45*ebfedea0SLionel Sambuc# For the 'anything' policy 46*ebfedea0SLionel Sambuc# At this point in time, you must list all acceptable 'object' 47*ebfedea0SLionel Sambuc# types. 48*ebfedea0SLionel Sambuc[ policy_anything ] 49*ebfedea0SLionel SambuccountryName = optional 50*ebfedea0SLionel SambucstateOrProvinceName = optional 51*ebfedea0SLionel SambuclocalityName = optional 52*ebfedea0SLionel SambucorganizationName = optional 53*ebfedea0SLionel SambucorganizationalUnitName = optional 54*ebfedea0SLionel SambuccommonName = supplied 55*ebfedea0SLionel SambucemailAddress = optional 56*ebfedea0SLionel Sambuc 57*ebfedea0SLionel Sambuc#################################################################### 58*ebfedea0SLionel Sambuc[ req ] 59*ebfedea0SLionel Sambucdefault_bits = 1024 60*ebfedea0SLionel Sambucdefault_keyfile = testkey.pem 61*ebfedea0SLionel Sambucdistinguished_name = req_distinguished_name 62*ebfedea0SLionel Sambucencrypt_rsa_key = no 63*ebfedea0SLionel Sambuc 64*ebfedea0SLionel Sambuc[ req_distinguished_name ] 65*ebfedea0SLionel SambuccountryName = Country Name (2 letter code) 66*ebfedea0SLionel SambuccountryName_default = AU 67*ebfedea0SLionel SambuccountryName_value = AU 68*ebfedea0SLionel Sambuc 69*ebfedea0SLionel SambucstateOrProvinceName = State or Province Name (full name) 70*ebfedea0SLionel SambucstateOrProvinceName_default = Queensland 71*ebfedea0SLionel SambucstateOrProvinceName_value = 72*ebfedea0SLionel Sambuc 73*ebfedea0SLionel SambuclocalityName = Locality Name (eg, city) 74*ebfedea0SLionel SambuclocalityName_value = Brisbane 75*ebfedea0SLionel Sambuc 76*ebfedea0SLionel SambucorganizationName = Organization Name (eg, company) 77*ebfedea0SLionel SambucorganizationName_default = 78*ebfedea0SLionel SambucorganizationName_value = CryptSoft Pty Ltd 79*ebfedea0SLionel Sambuc 80*ebfedea0SLionel SambucorganizationalUnitName = Organizational Unit Name (eg, section) 81*ebfedea0SLionel SambucorganizationalUnitName_default = 82*ebfedea0SLionel SambucorganizationalUnitName_value = . 83*ebfedea0SLionel Sambuc 84*ebfedea0SLionel SambuccommonName = Common Name (eg, YOUR name) 85*ebfedea0SLionel SambuccommonName_value = Eric Young 86*ebfedea0SLionel Sambuc 87*ebfedea0SLionel SambucemailAddress = Email Address 88*ebfedea0SLionel SambucemailAddress_value = eay@mincom.oz.au 89