diff options
Diffstat (limited to 'net/data/ssl/scripts/redundant-ca.cnf')
| -rw-r--r-- | net/data/ssl/scripts/redundant-ca.cnf | 46 |
1 files changed, 13 insertions, 33 deletions
diff --git a/net/data/ssl/scripts/redundant-ca.cnf b/net/data/ssl/scripts/redundant-ca.cnf index e1b24e0..b03eb81 100644 --- a/net/data/ssl/scripts/redundant-ca.cnf +++ b/net/data/ssl/scripts/redundant-ca.cnf @@ -1,21 +1,18 @@ +CA_DIR = out + [ca] default_ca = CA_root preserve = yes # The default test root, used to generate certificates and CRLs. [CA_root] -dir = $ENV::CA_DIR -key_size = $ENV::KEY_SIZE -algo = $ENV::ALGO -cert_type = $ENV::CERT_TYPE -type = $ENV::TYPE -certificate = $ENV::CERTIFICATE -database = $dir/$type-index.txt -new_certs_dir = $dir -serial = $dir/$type-serial -certificate = $dir/$certificate.pem -private_key = $dir/$type.key -RANDFILE = $dir/rand +dir = ${ENV::CA_DIR} +database = ${dir}/${ENV::CERTIFICATE}-index.txt +new_certs_dir = ${dir} +serial = ${dir}/${ENV::CERTIFICATE}-serial +certificate = ${dir}/${ENV::CERTIFICATE}.pem +private_key = ${dir}/${ENV::CERTIFICATE}.key +RANDFILE = ${dir}/rand default_days = 3650 default_crl_days = 30 default_md = sha1 @@ -51,30 +48,13 @@ commonName = optional emailAddress = optional [req] -# The request section used to generate the root CA certificate. This should -# not be used to generate end-entity certificates. For certificates other -# than the root CA, see README to find the appropriate configuration file -# (ie: openssl_cert.cnf). -default_bits = $ENV::KEY_SIZE +# The request section used to generate certificate requests. +default_bits = 2048 default_md = sha1 string_mask = utf8only prompt = no encrypt_key = no -distinguished_name = $ENV::CA_NAME - -[req_ca_dn] -C = US -ST = California -L = Mountain View -O = Test CA -CN = Test Root 2 CA - -[req_intermediate_dn] -C = US -ST = California -L = Mountain View -O = Test CA -CN = Test Intermediate 2 CA +distinguished_name = req_env_dn [req_env_dn] -CN = $ENV::CA_COMMON_NAME +CN = ${ENV::CA_COMMON_NAME} |