1
2####################################################################
3[ ca ]
4default_ca	= CA_default		# The default ca section
5
6####################################################################
7[ CA_default ]
8
9dir		= ./demoCA		# Where everything is kept
10certs		= $dir/certs		# Where the issued certs are kept
11crl_dir		= $dir/crl		# Where the issued crl are kept
12database	= $dir/index.txt	# database index file.
13new_certs_dir	= $dir/new_certs	# default place for new certs.
14
15certificate	= $dir/CAcert.pem 	# The CA certificate
16serial		= $dir/serial 		# The current serial number
17crl		= $dir/crl.pem 		# The current CRL
18private_key	= $dir/private/CAkey.pem# The private key
19
20default_days	= 365			# how long to certify for
21default_crl_days= 30			# how long before next CRL
22default_md	= md5			# which md to use.
23
24# A few difference way of specifying how similar the request should look
25# For type CA, the listed attributes must be the same, and the optional
26# and supplied fields are just that :-)
27policy		= policy_match
28
29# For the CA policy
30[ policy_match ]
31countryName		= match
32stateOrProvinceName	= match
33organizationName	= match
34organizationalUnitName	= optional
35commonName		= supplied
36emailAddress		= optional
37
38# For the 'anything' policy
39# At this point in time, you must list all acceptable 'object'
40# types.
41[ policy_anything ]
42countryName		= optional
43stateOrProvinceName	= optional
44localityName		= optional
45organizationName	= optional
46organizationalUnitName	= optional
47commonName		= supplied
48emailAddress		= optional
49
50####################################################################
51[ req ]
52distinguished_name	= req_distinguished_name
53encrypt_rsa_key		= no
54
55# Make altreq be identical to req
56[ altreq ]
57distinguished_name	= req_distinguished_name
58encrypt_rsa_key		= no
59
60[ req_distinguished_name ]
61countryName			= C field
62countryName_value		= AU
63stateOrProvinceName		= SP field
64stateOrProvinceName_value	=
65localityName			= L field
66localityName_value		= Brisbane
67organizationName		= O field
68organizationName_value		= CryptSoft Pty Ltd
69organizationalUnitName		= OU field
70organizationalUnitName_value	= .
71commonName			= CN field
72commonName_value		= Eric Young
73emailAddress			= email field
74emailAddress_value		= eay@mincom.oz.au
75