61 lines
1.4 KiB
INI
61 lines
1.4 KiB
INI
|
[ default ]
|
||
|
ca = kyouma_Root_CA
|
||
|
default_md = sha256
|
||
|
|
||
|
[ req ]
|
||
|
utf8 = yes
|
||
|
prompt = no
|
||
|
distinguished_name = dn
|
||
|
req_extensions = v3_root_req
|
||
|
|
||
|
[ ca ]
|
||
|
default_ca = $ca
|
||
|
|
||
|
[ kyouma_Root_CA ]
|
||
|
database = index.txt
|
||
|
rand_serial = yes
|
||
|
new_certs_dir = certs
|
||
|
certificate = $ca.pem
|
||
|
private_key = private/$ca.pem
|
||
|
|
||
|
name_opt = multiline, -esc_msb, utf8
|
||
|
cert_opt = ca_default
|
||
|
|
||
|
default_days = 7305
|
||
|
default_crl_days = 7305
|
||
|
|
||
|
unique_subject = no
|
||
|
policy = policy_match
|
||
|
email_in_dn = no
|
||
|
preserve = no
|
||
|
|
||
|
copy_extensions = none
|
||
|
x509_extensions = v3_issue
|
||
|
crl_extensions = v3_crl
|
||
|
|
||
|
[ policy_match ]
|
||
|
commonName = supplied
|
||
|
|
||
|
[ dn ]
|
||
|
commonName = kyouma Root CA
|
||
|
|
||
|
[ v3_root ]
|
||
|
subjectKeyIdentifier = hash
|
||
|
authorityKeyIdentifier = keyid:always
|
||
|
basicConstraints = critical, CA:true
|
||
|
keyUsage = critical, keyCertSign, cRLSign
|
||
|
|
||
|
[ v3_root_req ]
|
||
|
subjectKeyIdentifier = hash
|
||
|
basicConstraints = critical, CA:true
|
||
|
keyUsage = critical, keyCertSign, cRLSign
|
||
|
|
||
|
|
||
|
[ v3_issue ]
|
||
|
subjectKeyIdentifier = hash
|
||
|
authorityKeyIdentifier = keyid:always
|
||
|
basicConstraints = critical, CA:true, pathlen:0
|
||
|
|
||
|
[ v3_crl ]
|
||
|
authorityKeyIdentifier = keyid:always
|