1 2#################################################################### 3[ ca ] 4default_ca = CA_default # The default ca section 5 6#################################################################### 7[ CA_default ] 8 9dir = ./demoCA # Where everything is kept 10certs = $dir/certs # Where the issued certs are kept 11crl_dir = $dir/crl # Where the issued crl are kept 12database = $dir/index.txt # database index file. 13new_certs_dir = $dir/new_certs # default place for new certs. 14 15certificate = $dir/CAcert.pem # The CA certificate 16serial = $dir/serial # The current serial number 17crl = $dir/crl.pem # The current CRL 18private_key = $dir/private/CAkey.pem# The private key 19 20default_days = 365 # how long to certify for 21default_crl_days= 30 # how long before next CRL 22default_md = md5 # which md to use. 23 24# A few difference way of specifying how similar the request should look 25# For type CA, the listed attributes must be the same, and the optional 26# and supplied fields are just that :-) 27policy = policy_match 28 29# For the CA policy 30[ policy_match ] 31countryName = match 32stateOrProvinceName = match 33organizationName = match 34organizationalUnitName = optional 35commonName = supplied 36emailAddress = optional 37 38# For the 'anything' policy 39# At this point in time, you must list all acceptable 'object' 40# types. 41[ policy_anything ] 42countryName = optional 43stateOrProvinceName = optional 44localityName = optional 45organizationName = optional 46organizationalUnitName = optional 47commonName = supplied 48emailAddress = optional 49 50#################################################################### 51[ req ] 52distinguished_name = req_distinguished_name 53encrypt_rsa_key = no 54 55# Make altreq be identical to req 56[ altreq ] 57distinguished_name = req_distinguished_name 58encrypt_rsa_key = no 59 60[ req_distinguished_name ] 61countryName = C field 62countryName_value = AU 63stateOrProvinceName = SP field 64stateOrProvinceName_value = 65localityName = L field 66localityName_value = Brisbane 67organizationName = O field 68organizationName_value = CryptSoft Pty Ltd 69organizationalUnitName = OU field 70organizationalUnitName_value = . 71commonName = CN field 72commonName_value = Eric Young 73emailAddress = email field 74emailAddress_value = eay@mincom.oz.au 75 76[ dirname_sec ] 77C = UK 78O = My Organization 79OU = My Unit 80CN = My Name 81