Home | History | Annotate | Download | only in android.testssl 
      1 #
      2 # SSLeay example configuration file.
      3 # This is mostly being used for generation of certificate requests.
      4 #
      5 
      6 RANDFILE		= /sdcard/android.testssl/.rnd
      7 
      8 ####################################################################
      9 [ req ]
     10 default_bits		= 2048
     11 default_keyfile 	= keySS.pem
     12 distinguished_name	= req_distinguished_name
     13 encrypt_rsa_key		= no
     14 default_md		= sha1
     15 
     16 [ req_distinguished_name ]
     17 countryName			= Country Name (2 letter code)
     18 countryName_default		= AU
     19 countryName_value		= AU
     20 
     21 organizationName		= Organization Name (eg, company)
     22 organizationName_value		= Dodgy Brothers
     23 
     24 commonName			= Common Name (eg, YOUR name)
     25 commonName_value		= Dodgy CA
     26 
     27 ####################################################################
     28 [ ca ]
     29 default_ca	= CA_default		# The default ca section
     30 
     31 ####################################################################
     32 [ CA_default ]
     33 
     34 dir		= ./demoCA		# Where everything is kept
     35 certs		= $dir/certs		# Where the issued certs are kept
     36 crl_dir		= $dir/crl		# Where the issued crl are kept
     37 database	= $dir/index.txt	# database index file.
     38 #unique_subject	= no			# Set to 'no' to allow creation of
     39 					# several ctificates with same subject.
     40 new_certs_dir	= $dir/newcerts		# default place for new certs.
     41 
     42 certificate	= $dir/cacert.pem 	# The CA certificate
     43 serial		= $dir/serial 		# The current serial number
     44 crl		= $dir/crl.pem 		# The current CRL
     45 private_key	= $dir/private/cakey.pem# The private key
     46 RANDFILE	= $dir/private/.rand	# private random number file
     47 
     48 x509_extensions	= v3_ca			# The extentions to add to the cert
     49 
     50 name_opt 	= ca_default		# Subject Name options
     51 cert_opt 	= ca_default		# Certificate field options
     52 
     53 default_days	= 365			# how long to certify for
     54 default_crl_days= 30			# how long before next CRL
     55 default_md	= md5			# which md to use.
     56 preserve	= no			# keep passed DN ordering
     57 
     58 policy		= policy_anything
     59 
     60 [ policy_anything ]
     61 countryName		= optional
     62 stateOrProvinceName	= optional
     63 localityName		= optional
     64 organizationName	= optional
     65 organizationalUnitName	= optional
     66 commonName		= supplied
     67 emailAddress		= optional
     68 
     69 
     70 
     71 [ v3_ca ]
     72 subjectKeyIdentifier=hash
     73 authorityKeyIdentifier=keyid:always,issuer:always
     74 basicConstraints = CA:true,pathlen:1
     75 keyUsage = cRLSign, keyCertSign
     76 issuerAltName=issuer:copy
     77