1e1051a39Sopenharmony_ci 2e1051a39Sopenharmony_ci# Comment out the next line to ignore configuration errors 3e1051a39Sopenharmony_ciconfig_diagnostics = 1 4e1051a39Sopenharmony_ci 5e1051a39Sopenharmony_ciCN2 = Brother 2 6e1051a39Sopenharmony_ci 7e1051a39Sopenharmony_ci#################################################################### 8e1051a39Sopenharmony_ci[ req ] 9e1051a39Sopenharmony_cidistinguished_name = req_distinguished_name 10e1051a39Sopenharmony_ciencrypt_rsa_key = no 11e1051a39Sopenharmony_cidefault_md = sha1 12e1051a39Sopenharmony_ci 13e1051a39Sopenharmony_ci[ req_distinguished_name ] 14e1051a39Sopenharmony_cicountryName = Country Name (2 letter code) 15e1051a39Sopenharmony_cicountryName_value = AU 16e1051a39Sopenharmony_ciorganizationName = Organization Name (eg, company) 17e1051a39Sopenharmony_ciorganizationName_value = Dodgy Brothers 18e1051a39Sopenharmony_cicommonName = Common Name (eg, YOUR name) 19e1051a39Sopenharmony_cicommonName_value = Dodgy CA 20e1051a39Sopenharmony_ci 21e1051a39Sopenharmony_ci#################################################################### 22e1051a39Sopenharmony_ci[ userreq ] 23e1051a39Sopenharmony_cidistinguished_name = user_dn 24e1051a39Sopenharmony_ciencrypt_rsa_key = no 25e1051a39Sopenharmony_cidefault_md = sha256 26e1051a39Sopenharmony_ciprompt = no 27e1051a39Sopenharmony_ci 28e1051a39Sopenharmony_ci[ user_dn ] 29e1051a39Sopenharmony_cicountryName = AU 30e1051a39Sopenharmony_ciorganizationName = Dodgy Brothers 31e1051a39Sopenharmony_ci0.commonName = Brother 1 32e1051a39Sopenharmony_ci1.commonName = $ENV::CN2 33e1051a39Sopenharmony_ci 34e1051a39Sopenharmony_ci[ v3_ee ] 35e1051a39Sopenharmony_cisubjectKeyIdentifier = hash 36e1051a39Sopenharmony_ciauthorityKeyIdentifier = keyid,issuer:always 37e1051a39Sopenharmony_cibasicConstraints = CA:false 38e1051a39Sopenharmony_cikeyUsage = nonRepudiation, digitalSignature, keyEncipherment 39e1051a39Sopenharmony_ci 40e1051a39Sopenharmony_ci[ v3_ee_dsa ] 41e1051a39Sopenharmony_cisubjectKeyIdentifier = hash 42e1051a39Sopenharmony_ciauthorityKeyIdentifier = keyid:always 43e1051a39Sopenharmony_cibasicConstraints = CA:false 44e1051a39Sopenharmony_cikeyUsage = nonRepudiation, digitalSignature 45e1051a39Sopenharmony_ci 46e1051a39Sopenharmony_ci[ v3_ee_ec ] 47e1051a39Sopenharmony_cisubjectKeyIdentifier = hash 48e1051a39Sopenharmony_ciauthorityKeyIdentifier = keyid:always 49e1051a39Sopenharmony_cibasicConstraints = CA:false 50e1051a39Sopenharmony_cikeyUsage = nonRepudiation, digitalSignature, keyAgreement 51e1051a39Sopenharmony_ci 52e1051a39Sopenharmony_ci#################################################################### 53e1051a39Sopenharmony_ci[ ca ] 54e1051a39Sopenharmony_cidefault_ca = CA_default 55e1051a39Sopenharmony_ci 56e1051a39Sopenharmony_ci[ CA_default ] 57e1051a39Sopenharmony_cidir = ./demoCA 58e1051a39Sopenharmony_cicerts = $dir/certs 59e1051a39Sopenharmony_cicrl_dir = $dir/crl 60e1051a39Sopenharmony_cidatabase = $dir/index.txt 61e1051a39Sopenharmony_cinew_certs_dir = $dir/newcerts 62e1051a39Sopenharmony_cicertificate = $dir/cacert.pem 63e1051a39Sopenharmony_ciserial = $dir/serial 64e1051a39Sopenharmony_cicrl = $dir/crl.pem 65e1051a39Sopenharmony_ciprivate_key = $dir/private/cakey.pem 66e1051a39Sopenharmony_cix509_extensions = v3_ca 67e1051a39Sopenharmony_ciname_opt = ca_default 68e1051a39Sopenharmony_cicert_opt = ca_default 69e1051a39Sopenharmony_cidefault_days = 365 70e1051a39Sopenharmony_cidefault_crl_days= 30 71e1051a39Sopenharmony_cidefault_md = sha1 72e1051a39Sopenharmony_cipreserve = no 73e1051a39Sopenharmony_cipolicy = policy_anything 74e1051a39Sopenharmony_ci 75e1051a39Sopenharmony_ci[ policy_anything ] 76e1051a39Sopenharmony_cicountryName = optional 77e1051a39Sopenharmony_cistateOrProvinceName = optional 78e1051a39Sopenharmony_cilocalityName = optional 79e1051a39Sopenharmony_ciorganizationName = optional 80e1051a39Sopenharmony_ciorganizationalUnitName = optional 81e1051a39Sopenharmony_cicommonName = supplied 82e1051a39Sopenharmony_ciemailAddress = optional 83e1051a39Sopenharmony_ci 84e1051a39Sopenharmony_ci[ v3_ca ] 85e1051a39Sopenharmony_cisubjectKeyIdentifier = hash 86e1051a39Sopenharmony_ciauthorityKeyIdentifier = keyid:always,issuer:always 87e1051a39Sopenharmony_cibasicConstraints = critical,CA:true,pathlen:1 88e1051a39Sopenharmony_cikeyUsage = cRLSign, keyCertSign 89e1051a39Sopenharmony_ciissuerAltName = issuer:copy 90