/etc/ca/openssl.cnf (1)

From RaySoft
#-----------------------------------------------------------------------
# openssl.cnf
# ===========
#
# Scope     Native
# Copyright (C) 2022 by RaySoft, Zurich, Switzerland
# License   GNU General Public License (GPL) 2.0
#           https://www.gnu.org/licenses/gpl2.txt
#
#-----------------------------------------------------------------------

[ policy_any ]
countryName             = supplied
organizationName        = supplied
commonName              = supplied

[ ca ]
default_ca              = ca_default

[ ca_default ]
dir                     = .
database                = $dir/index.txt
new_certs_dir           = $dir

certificate             = $dir/ca.crt
serial                  = $dir/serial
private_key             = $dir/ca.key
RANDFILE                = $dir/.rand

default_days            = 1825
default_crl_days        = 30
default_md              = sha256

policy                  = policy_any
email_in_dn             = no

name_opt                = ca_default
cert_opt                = ca_default
copy_extensions         = none

x509_extensions         = ca_cert

[ ca_cert ]
basicConstraints        = CA:true
subjectKeyIdentifier    = hash
authorityKeyIdentifier  = keyid,issuer:always