infra/samba-pki-tools
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
72e8b513a1b054ead2c0cb2a8dcee01a71904865
samba-pki-tools/templates/openssl_root_ca.tmpl
T
kguerineau 72e8b513a1 [ADD] First commit
2023-01-31 22:04:12 +01:00

54 lines
1.4 KiB
Cheetah
Raw Blame History

[ ca ]
default_ca = {{ organization_ou }}
[ CA_default ]
dir = {{ pki_dir }}
certs = $dir/certs
crl_dir = $dir/crl
new_certs_dir = $dir/newcerts
database = $dir/index.txt
serial = $dir/serial
private_key = $dir/private/root_ca.key
RANDFILE = $dir/private/.rand
default_md = sha512
name_opt = ca_default
cert_opt = ca_default
default_days = {{ default_cert_duration }}
preserve = no
policy = policy_strict
[ policy_strict ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ req ]
defaults_bits = 4096
distinguished_name = req_distinguished_name
string_mask = utf8only
prompt = no
default_md = sha512
[ req_distinguished_name ]
C = {{ country }}
ST = {{ state }}
L = {{ city }}
O = {{ organization_name }}
OU = {{ organization_ou }}
CN = {{ organization_cn }}
[ v3_ca ]
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
basicConstraints = critical, CA:true
keyUsage = critical, digitalSignature, cRLSign, keyCertSign
crlDistributionPoints = {{ crl_uri }}
Reference in New Issue View Git Blame Copy Permalink