26 lines
731 B
INI
26 lines
731 B
INI
[ req ]
|
|
default_bits = 2048
|
|
default_md = sha256
|
|
default_days = 1
|
|
encrypt_key = no
|
|
distinguished_name = subject
|
|
x509_extensions = x509_ext
|
|
string_mask = utf8only
|
|
prompt = no
|
|
|
|
[ subject ]
|
|
organizationName = Snapdrop
|
|
OU = CA
|
|
commonName = snapdrop-CA
|
|
|
|
[ x509_ext ]
|
|
subjectKeyIdentifier = hash
|
|
authorityKeyIdentifier = keyid:always,issuer
|
|
|
|
# You only need digitalSignature below. *If* you don't allow
|
|
# RSA Key transport (i.e., you use ephemeral cipher suites), then
|
|
# omit keyEncipherment because that's key transport.
|
|
|
|
basicConstraints = critical, CA:TRUE, pathlen:0
|
|
keyUsage = critical, digitalSignature, keyEncipherment, cRLSign, keyCertSign
|
|
|