56 lines
1.3 KiB
INI
56 lines
1.3 KiB
INI
|
[ default ]
|
||
|
ca = kyouma_Issuing_CA
|
||
|
default_md = sha256
|
||
|
|
||
|
[ req ]
|
||
|
utf8 = yes
|
||
|
prompt = no
|
||
|
distinguished_name = dn
|
||
|
req_extensions = v3_issue_req
|
||
|
|
||
|
[ ca ]
|
||
|
default_ca = $ca
|
||
|
|
||
|
[ kyouma_Issuing_CA ]
|
||
|
database = index.txt
|
||
|
rand_serial = yes
|
||
|
new_certs_dir = certs
|
||
|
certificate = ./$ca.pem
|
||
|
private_key = private/$ca.pem
|
||
|
|
||
|
name_opt = multiline, -esc_msb, utf8
|
||
|
cert_opt = ca_default
|
||
|
|
||
|
default_days = 7305
|
||
|
default_crl_days = 7305
|
||
|
|
||
|
unique_subject = no
|
||
|
policy = policy_match
|
||
|
email_in_dn = no
|
||
|
preserve = no
|
||
|
|
||
|
copy_extensions = copy
|
||
|
x509_extensions = v3_cert
|
||
|
crl_extensions = v3_crl
|
||
|
|
||
|
[ policy_match ]
|
||
|
commonName = supplied
|
||
|
UID = supplied
|
||
|
|
||
|
[ dn ]
|
||
|
commonName = kyouma Issuing CA
|
||
|
|
||
|
[ v3_issue_req ]
|
||
|
subjectKeyIdentifier = hash
|
||
|
basicConstraints = critical, CA:true, pathlen:0
|
||
|
|
||
|
[ v3_cert ]
|
||
|
subjectKeyIdentifier = hash
|
||
|
authorityKeyIdentifier = keyid:always
|
||
|
basicConstraints = critical, CA:false
|
||
|
keyUsage = critical, digitalSignature
|
||
|
extendedKeyUsage = clientAuth, anyExtendedKeyUsage
|
||
|
|
||
|
[ v3_crl ]
|
||
|
authorityKeyIdentifier = keyid:always
|