Subversion Repositories sysadmin_scripts

Rev

Rev 185 | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
179 rodolico 1
[ req ]
182 rodolico 2
default_bits        = 2048            # Size of keys
3
default_keyfile     = privkey.pem     # Default private key file
4
distinguished_name  = req_distinguished_name
5
prompt              = no
6
#string_mask         = utf8
7
req_extensions      = req_ext          # Extensions to add to certificate requests
179 rodolico 8
 
9
[ req_distinguished_name ]
182 rodolico 10
# Modify these for your network
179 rodolico 11
C  = US
12
ST = Texas
182 rodolico 13
L  = Dallas
179 rodolico 14
O  = Example Corp
182 rodolico 15
OU = Office
16
CN = example.org
17
emailAddress = admin@example.org
179 rodolico 18
 
182 rodolico 19
[ req_ext ]
20
keyUsage = critical, digitalSignature, keyEncipherment
21
extendedKeyUsage = serverAuth
22
subjectAltName = @alt_names
179 rodolico 23
 
182 rodolico 24
# this section gets destroyed when creating server ext files
25
[alt_names]
26
DNS.1 = mydomain.com
27
DNS.2 = www.mydomain.com
28
 
29
# used when creating a CA
30
[ ca ]
31
default_ca = CA_default
32
 
33
[ CA_default ]
185 rodolico 34
keyUsage = critical, digitalSignature, keyEncipherment, cRLSign, keyCertSign
35
extendedKeyUsage = serverAuth, clientAuth
182 rodolico 36
basicConstraints = CA:TRUE
37
 
38
# used when creating a Server Cert
39
[ server ]
40
# Extensions for server certificates
41
keyUsage = critical, digitalSignature, keyEncipherment
186 rodolico 42
extendedKeyUsage = serverAuth, clientAuth
182 rodolico 43
basicConstraints = CA:FALSE  # Specify that this is not a CA
44