Rev 179 | Rev 185 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | Download | RSS feed
[ req ]
default_bits = 2048 # default key size
default_md = sha256 # default message digest algorithm
distinguished_name = req_distinguished_name # definition used for DN
req_extensions = v3_req # go look at v3_req section for the extensions def
prompt = no # do not ask questions, take defaults
[ req_distinguished_name ]
#commonName = required # may also use CN
#countryName = optional # may also use C
#stateOrProvinceName = optional # may also use ST
#organizationName = optional # may also use O
#organizationalUnitName = optional # may also use OU
#emailAddress = optional
# Required fields
CN = www.example.com
# not required
C = US
ST = Texas
O = Example Corp
L = Dallas
OU = Headquarters
emailAddress = info@example.com
[ v3_req ]
keyUsage = critical, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth, clientAuth
subjectAltName = @alt_names # look for section [ alt_names ] for all the names
basicConstraints = CA:FALSE
# these are not used in our scenario
# authorityKeyIdentifier = keyid,issuer
#certificatePolicies = policies that govern the use of the certificate, useful in compliance scenarios
#crlDistributionPoints = URLs for retrieving the CRL
# list of all names for the cert, filled in by makeCert if .ext file does
# not exist
[ alt_names ]
Generated by GNU Enscript 1.6.5.90.