X509_extensions = usr_cert # The extentions to add to the cert RANDFILE = $dir/private/.rand # private random number file Private_key = $dir/private/cakey.pem # The private key Serial = $dir/serial # The current serial number New_certs_dir = $dir/newcerts # default place for new certs.Ĭertificate = $dir/cacert.pem # The CA certificate # Or use config file substitution like this:ĭefault_ca = CA_default # The default ca sectionĭir = /var/ssl # Where everything is keptĬerts = $dir/certs # Where the issued certs are keptĬrl_dir = $dir/crl # Where the issued crl are keptĭatabase = $dir/index.txt # database index file. # We can add new OIDs in here for use by 'ca' and 'req'. # X.509v3 extensions in its main section.) # (Alternatively, use a configuration file that has only # "openssl x509" utility, name here the section containing the # To use this configuration file with the "-extfile" option of the # This is mostly being used for generation of certificate requests. etc/openssl.cnf must be configured accordingly to minimize input entry.
0 kommentar(er)
