pki/kyouma_Root_CA/kyouma_Root_CA.cfg

[ default ]
ca                      = kyouma_Root_CA
default_md              = sha256

[ req ]
utf8                    = yes
prompt                  = no
distinguished_name      = dn
req_extensions          = v3_root_req

[ ca ]
default_ca              = $ca

[ kyouma_Root_CA ]
database                = index.txt
rand_serial             = yes
new_certs_dir           = certs
certificate             = $ca.pem
private_key             = private/$ca.pem

name_opt                = multiline, -esc_msb, utf8
cert_opt                = ca_default

default_days            = 7305
default_crl_days        = 7305

unique_subject          = no
policy                  = policy_match
email_in_dn             = no
preserve                = no

copy_extensions         = none
x509_extensions         = v3_issue
crl_extensions          = v3_crl

[ policy_match ]
commonName              = supplied

[ dn ]
commonName              = kyouma Root CA

[ v3_root ]
subjectKeyIdentifier    = hash
authorityKeyIdentifier  = keyid:always
basicConstraints        = critical, CA:true
keyUsage                = critical, keyCertSign, cRLSign

[ v3_root_req ]
subjectKeyIdentifier    = hash
basicConstraints        = critical, CA:true
keyUsage                = critical, keyCertSign, cRLSign


[ v3_issue ]
subjectKeyIdentifier    = hash
authorityKeyIdentifier  = keyid:always
basicConstraints        = critical, CA:true, pathlen:0

[ v3_crl ]
authorityKeyIdentifier  = keyid:always
Initial commit uwu 2024-06-21 17:02:58 +02:00			`[ default ]`
			`ca = kyouma_Root_CA`
			`default_md = sha256`

			`[ req ]`
			`utf8 = yes`
			`prompt = no`
			`distinguished_name = dn`
			`req_extensions = v3_root_req`

			`[ ca ]`
			`default_ca = $ca`

			`[ kyouma_Root_CA ]`
			`database = index.txt`
			`rand_serial = yes`
			`new_certs_dir = certs`
			`certificate = $ca.pem`
			`private_key = private/$ca.pem`

			`name_opt = multiline, -esc_msb, utf8`
			`cert_opt = ca_default`

			`default_days = 7305`
			`default_crl_days = 7305`

			`unique_subject = no`
			`policy = policy_match`
			`email_in_dn = no`
			`preserve = no`

			`copy_extensions = none`
			`x509_extensions = v3_issue`
			`crl_extensions = v3_crl`

			`[ policy_match ]`
			`commonName = supplied`

			`[ dn ]`
			`commonName = kyouma Root CA`

			`[ v3_root ]`
			`subjectKeyIdentifier = hash`
			`authorityKeyIdentifier = keyid:always`
			`basicConstraints = critical, CA:true`
			`keyUsage = critical, keyCertSign, cRLSign`

			`[ v3_root_req ]`
			`subjectKeyIdentifier = hash`
			`basicConstraints = critical, CA:true`
			`keyUsage = critical, keyCertSign, cRLSign`


			`[ v3_issue ]`
			`subjectKeyIdentifier = hash`
			`authorityKeyIdentifier = keyid:always`
			`basicConstraints = critical, CA:true, pathlen:0`

			`[ v3_crl ]`
			`authorityKeyIdentifier = keyid:always`