155714Skris# 255714Skris# SSLeay example configuration file. 355714Skris# This is mostly being used for generation of certificate requests. 455714Skris# 555714Skris 655714SkrisRANDFILE = ./.rnd 755714Skris 855714Skris#################################################################### 955714Skris[ ca ] 1055714Skrisdefault_ca = CA_default # The default ca section 1155714Skris 1255714Skris#################################################################### 1355714Skris[ CA_default ] 1455714Skris 1555714Skrisdir = ./demoCA # Where everything is kept 1655714Skriscerts = $dir/certs # Where the issued certs are kept 1755714Skriscrl_dir = $dir/crl # Where the issued crl are kept 1855714Skrisdatabase = $dir/index.txt # database index file. 1955714Skrisnew_certs_dir = $dir/new_certs # default place for new certs. 2055714Skris 2155714Skriscertificate = $dir/CAcert.pem # The CA certificate 2255714Skrisserial = $dir/serial # The current serial number 2355714Skriscrl = $dir/crl.pem # The current CRL 2455714Skrisprivate_key = $dir/private/CAkey.pem# The private key 2555714SkrisRANDFILE = $dir/private/.rand # private random number file 2655714Skris 2755714Skrisdefault_days = 365 # how long to certify for 2855714Skrisdefault_crl_days= 30 # how long before next CRL 2955714Skrisdefault_md = md5 # which md to use. 3055714Skris 3155714Skris# A few difference way of specifying how similar the request should look 3255714Skris# For type CA, the listed attributes must be the same, and the optional 3355714Skris# and supplied fields are just that :-) 3455714Skrispolicy = policy_match 3555714Skris 3655714Skris# For the CA policy 3755714Skris[ policy_match ] 3855714SkriscountryName = match 3955714SkrisstateOrProvinceName = match 4055714SkrisorganizationName = match 4155714SkrisorganizationalUnitName = optional 4255714SkriscommonName = supplied 4355714SkrisemailAddress = optional 4455714Skris 4555714Skris# For the 'anything' policy 4655714Skris# At this point in time, you must list all acceptable 'object' 4755714Skris# types. 4855714Skris[ policy_anything ] 4955714SkriscountryName = optional 5055714SkrisstateOrProvinceName = optional 5155714SkrislocalityName = optional 5255714SkrisorganizationName = optional 5355714SkrisorganizationalUnitName = optional 5455714SkriscommonName = supplied 5555714SkrisemailAddress = optional 5655714Skris 5755714Skris#################################################################### 5855714Skris[ req ] 5955714Skrisdefault_bits = 512 6055714Skrisdefault_keyfile = testkey.pem 6155714Skrisdistinguished_name = req_distinguished_name 6255714Skrisencrypt_rsa_key = no 6355714Skris 6455714Skris[ req_distinguished_name ] 6555714SkriscountryName = Country Name (2 letter code) 6655714SkriscountryName_default = AU 6755714SkriscountryName_value = AU 6855714Skris 6955714SkrisstateOrProvinceName = State or Province Name (full name) 7055714SkrisstateOrProvinceName_default = Queensland 7155714SkrisstateOrProvinceName_value = 7255714Skris 7355714SkrislocalityName = Locality Name (eg, city) 7455714SkrislocalityName_value = Brisbane 7555714Skris 7655714SkrisorganizationName = Organization Name (eg, company) 7755714SkrisorganizationName_default = 7855714SkrisorganizationName_value = CryptSoft Pty Ltd 7955714Skris 8055714SkrisorganizationalUnitName = Organizational Unit Name (eg, section) 8155714SkrisorganizationalUnitName_default = 8255714SkrisorganizationalUnitName_value = . 8355714Skris 8455714SkriscommonName = Common Name (eg, YOUR name) 8555714SkriscommonName_value = Eric Young 8655714Skris 8755714SkrisemailAddress = Email Address 8855714SkrisemailAddress_value = eay@mincom.oz.au 89