# -*- coding: utf-8 mode: conf -*- vim:sw=4:sts=4:et:ai:si:sta:fenc=utf-8 [ca] default_ca = dmca [dmca] dir = @@cadir@@ certs = $dir/certs crl_dir = $dir/crl database = $dir/index.txt unique_subject = no new_certs_dir = $dir/newcerts certificate = $dir/dmca.crt serial = $dir/serial crl = $dir/dmca.crl private_key = $dir/dmca.key RANDFILE = $dir/private/.rand x509_extensions = usr_cert name_opt = ca_default cert_opt = ca_default default_days = 10950 default_crl_days = 30 default_md = sha256 preserve = no policy = policy_match [policy_match] countryName = match stateOrProvinceName = match organizationName = match organizationalUnitName = optional commonName = supplied emailAddress = optional [req] default_bits = 2048 default_md = sha256 default_keyfile = privkey.pem distinguished_name = req_distinguished_name attributes = req_attributes x509_extensions = v3_ca string_mask = utf8only [req_distinguished_name] countryName = Country Name (2 letter code) countryName_default = FR countryName_min = 2 countryName_max = 2 stateOrProvinceName = State or Province Name (full name) stateOrProvinceName_default = La Reunion localityName = Locality Name (eg, city) localityName_default = Sainte-Clotilde 0.organizationName = Organization Name (eg, company) 0.organizationName_default = jclain organizationalUnitName = Organizational Unit Name (eg, section) organizationalUnitName_default = commonName = Common Name (eg, your name or your server\'s hostname) commonName_default = dmca commonName_max = 64 emailAddress = Email Address emailAddress_default = jephte.clain@univ-reunion.fr emailAddress_max = 64 [req_attributes] challengePassword = A challenge password challengePassword_min = 4 challengePassword_max = 20 unstructuredName = dmca [usr_cert] basicConstraints=CA:FALSE nsComment = "dmca certificate" subjectKeyIdentifier=hash authorityKeyIdentifier=keyid,issuer:always [v3_req] basicConstraints = CA:FALSE keyUsage = nonRepudiation,digitalSignature,keyEncipherment [v3_ca] #subjectKeyIdentifier=hash #authorityKeyIdentifier=keyid:always,issuer basicConstraints = critical,CA:true keyUsage = critical,keyCertSign,digitalSignature,keyEncipherment,keyAgreement [crl_ext] #issuerAltName=issuer:copy authorityKeyIdentifier=keyid:always