Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update root-ca.conf #324

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

Update root-ca.conf #324

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 7 additions & 6 deletions frontend/root-ca.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
[ default ]
ca = rootCA # CA name
ca = rootCA # CA name
aia_url = _TOKEN_/any_path.cer?any=params # CA certificate URL
crl_url = _TOKEN_/any_path.crl?any=params # CRL distribution point
crl_url = _TOKEN_/any_path.crl?any=params # CRL distribution point
ocsp_url = _TOKEN_/any_path.oscp?any=params # OCSP responder URL
name_opt = multiline,-esc_msb,utf8 # Display UTF-8 characters

# CA certificate request
[ req ]
default_bits = 2048 # RSA key size
encrypt_key = yes # Protect private key
default_md = sha256 # MD to use
default_md = sha256 # MD to use
utf8 = yes # Input is UTF-8
string_mask = utf8only # Emit UTF-8 strings
prompt = no # Don't prompt for DN
Expand All @@ -28,6 +28,7 @@ basicConstraints = critical,CA:true
subjectKeyIdentifier = hash

# CA operational settings

[ ca ]
default_ca = root_ca # The default CA section

Expand All @@ -39,15 +40,15 @@ database = TMPDIR/db
serial = TMPDIR/ser
default_days = 3652 # How long to certify for
unique_subject = no
default_md = sha256 # MD to use
default_md = sha256 # MD to use
policy = match_pol # Default naming policy
email_in_dn = no # Add email to cert DN
preserve = no # Keep passed DN ordering
name_opt = $name_opt # Subject DN display options
cert_opt = ca_default # Certificate display options
copy_extensions = copy # Copy extensions from CSR
x509_extensions = ca_ext # Default cert extensions
default_crl_days = 1 # How long before next CRL
x509_extensions = ca_ext # Default cert extensions
default_crl_days = 1 # How long before the next CRL
crl_extensions = crl_ext # CRL extensions

[ match_pol ]
Expand Down