xref: /freebsd/crypto/openssl/test/test.cnf (revision 1669d8afc64812c8d2d1d147ae1fd42ff441e1b1) 
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5
6RANDFILE		= ./.rnd
7
8####################################################################
9[ ca ]
10default_ca	= CA_default		# The default ca section
11
12####################################################################
13[ CA_default ]
14
15dir		= ./demoCA		# Where everything is kept
16certs		= $dir/certs		# Where the issued certs are kept
17crl_dir		= $dir/crl		# Where the issued crl are kept
18database	= $dir/index.txt	# database index file.
19new_certs_dir	= $dir/new_certs	# default place for new certs.
20
21certificate	= $dir/CAcert.pem 	# The CA certificate
22serial		= $dir/serial 		# The current serial number
23crl		= $dir/crl.pem 		# The current CRL
24private_key	= $dir/private/CAkey.pem# The private key
25RANDFILE	= $dir/private/.rand	# private random number file
26
27default_days	= 365			# how long to certify for
28default_crl_days= 30			# how long before next CRL
29default_md	= md5			# which md to use.
30
31# A few difference way of specifying how similar the request should look
32# For type CA, the listed attributes must be the same, and the optional
33# and supplied fields are just that :-)
34policy		= policy_match
35
36# For the CA policy
37[ policy_match ]
38countryName		= match
39stateOrProvinceName	= match
40organizationName	= match
41organizationalUnitName	= optional
42commonName		= supplied
43emailAddress		= optional
44
45# For the 'anything' policy
46# At this point in time, you must list all acceptable 'object'
47# types.
48[ policy_anything ]
49countryName		= optional
50stateOrProvinceName	= optional
51localityName		= optional
52organizationName	= optional
53organizationalUnitName	= optional
54commonName		= supplied
55emailAddress		= optional
56
57####################################################################
58[ req ]
59default_bits		= 512
60default_keyfile 	= testkey.pem
61distinguished_name	= req_distinguished_name
62encrypt_rsa_key		= no
63
64[ req_distinguished_name ]
65countryName			= Country Name (2 letter code)
66countryName_default		= AU
67countryName_value		= AU
68
69stateOrProvinceName		= State or Province Name (full name)
70stateOrProvinceName_default	= Queensland
71stateOrProvinceName_value	=
72
73localityName			= Locality Name (eg, city)
74localityName_value		= Brisbane
75
76organizationName		= Organization Name (eg, company)
77organizationName_default	=
78organizationName_value		= CryptSoft Pty Ltd
79
80organizationalUnitName		= Organizational Unit Name (eg, section)
81organizationalUnitName_default	=
82organizationalUnitName_value	= .
83
84commonName			= Common Name (eg, YOUR name)
85commonName_value		= Eric Young
86
87emailAddress			= Email Address
88emailAddress_value		= eay@mincom.oz.au
89