pki/kyouma_Issuing_CA/kyouma_Issuing_CA.cfg

[ default ]
ca                      = kyouma_Issuing_CA
default_md              = sha256

[ req ]
utf8                    = yes
prompt                  = no
distinguished_name      = dn
req_extensions          = v3_issue_req

[ ca ]
default_ca              = $ca

[ kyouma_Issuing_CA ]
database                = index.txt
rand_serial             = yes
new_certs_dir           = certs
certificate             = ./$ca.pem
private_key             = private/$ca.pem

name_opt                = multiline, -esc_msb, utf8
cert_opt                = ca_default

default_days            = 7305
default_crl_days        = 7305

unique_subject          = no
policy                  = policy_match
email_in_dn             = no
preserve                = no

copy_extensions         = copy
x509_extensions         = v3_cert
crl_extensions          = v3_crl

[ policy_match ]
commonName              = supplied
UID                     = supplied

[ dn ]
commonName              = kyouma Issuing CA

[ v3_issue_req ]
subjectKeyIdentifier    = hash
basicConstraints        = critical, CA:true, pathlen:0

[ v3_cert ]
subjectKeyIdentifier    = hash
authorityKeyIdentifier  = keyid:always
basicConstraints        = critical, CA:false
keyUsage                = critical, digitalSignature
extendedKeyUsage        = clientAuth, anyExtendedKeyUsage

[ v3_crl ]
authorityKeyIdentifier  = keyid:always
Initial commit uwu 2024-06-21 17:02:58 +02:00			`[ default ]`
			`ca = kyouma_Issuing_CA`
			`default_md = sha256`

			`[ req ]`
			`utf8 = yes`
			`prompt = no`
			`distinguished_name = dn`
			`req_extensions = v3_issue_req`

			`[ ca ]`
			`default_ca = $ca`

			`[ kyouma_Issuing_CA ]`
			`database = index.txt`
			`rand_serial = yes`
			`new_certs_dir = certs`
			`certificate = ./$ca.pem`
			`private_key = private/$ca.pem`

			`name_opt = multiline, -esc_msb, utf8`
			`cert_opt = ca_default`

			`default_days = 7305`
			`default_crl_days = 7305`

			`unique_subject = no`
			`policy = policy_match`
			`email_in_dn = no`
			`preserve = no`

			`copy_extensions = copy`
			`x509_extensions = v3_cert`
			`crl_extensions = v3_crl`

			`[ policy_match ]`
			`commonName = supplied`
			`UID = supplied`

			`[ dn ]`
			`commonName = kyouma Issuing CA`

			`[ v3_issue_req ]`
			`subjectKeyIdentifier = hash`
			`basicConstraints = critical, CA:true, pathlen:0`

			`[ v3_cert ]`
			`subjectKeyIdentifier = hash`
			`authorityKeyIdentifier = keyid:always`
			`basicConstraints = critical, CA:false`
			`keyUsage = critical, digitalSignature`
			`extendedKeyUsage = clientAuth, anyExtendedKeyUsage`

			`[ v3_crl ]`
			`authorityKeyIdentifier = keyid:always`