File: ca.cnf

package info (click to toggle)
openssl 3.6.0-2
  • links: PTS, VCS
  • area: main
  • in suites: experimental
  • size: 148,104 kB
  • sloc: ansic: 612,658; perl: 248,939; asm: 6,332; sh: 1,755; pascal: 997; python: 648; makefile: 551; lisp: 35; ruby: 16; cpp: 10; sed: 6
file content (34 lines) | stat: -rw-r--r-- 970 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
 
HOME               = .
default_ca         = ca
config_diagnostics = 1

####################################################################

[ req ]
x509_extensions	= v3_ca

####################################################################

[ usr_cert ]
basicConstraints = critical, CA:FALSE
keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
subjectKeyIdentifier = hash
##authorityInfoAccess = OCSP;URI:http://127.0.0.1:19254/ocsp
# we do not include aia in the cert.
# we use the s_server option "-status_url" to specify the url.

####################################################################

[ v3_ca ]
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always
basicConstraints = critical,CA:true
keyUsage = critical, cRLSign, keyCertSign

####################################################################

# Minimal CA entry to allow generation of CRLs.
[ ca ]
default_md = sha256
database = index.txt
crlnumber = crlnum.txt