aboutsummaryrefslogtreecommitdiff
path: root/server/testdata/x509/ca.conf
diff options
context:
space:
mode:
authorRasmus Dahlberg <rasmus.dahlberg@kau.se>2020-11-03 20:01:08 +0100
committerRasmus Dahlberg <rasmus.dahlberg@kau.se>2020-11-03 20:01:08 +0100
commit0168f18229402b299a3fb3bb6fe3edb8e3ffa7fc (patch)
tree19ffe21cf8cebf43859e00bc1ddac20593161ac5 /server/testdata/x509/ca.conf
parent71ed441c7d0ce507d72f02fb06679b6479fefc19 (diff)
added chain processing with intermediate certificates
Basic test chains can be generated manually with openssl, see details in server/testdata/x509/README.md.
Diffstat (limited to 'server/testdata/x509/ca.conf')
-rw-r--r--server/testdata/x509/ca.conf59
1 files changed, 59 insertions, 0 deletions
diff --git a/server/testdata/x509/ca.conf b/server/testdata/x509/ca.conf
new file mode 100644
index 0000000..7889331
--- /dev/null
+++ b/server/testdata/x509/ca.conf
@@ -0,0 +1,59 @@
+[ca]
+default_ca = ca_settings
+
+[ ca_settings ]
+dir = .
+certs = $dir
+crl_dir = $dir
+new_certs_dir = $dir
+database = $dir/index
+serial = $dir/serial
+
+private_key = $dir/root.key
+certificate = $dir/root.pem
+
+policy = ca_policy
+
+[ ca_policy ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+# Options for the `req` tool, `man req`
+[ req ]
+distinguished_name = req_distinguished_name
+
+# Extensions for a typical CA, see `man x509v3_config`
+[ v3_ca ]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer
+basicConstraints = critical, CA:true
+keyUsage = critical, digitalSignature, keyCertSign
+
+# Extensions for a typical intermediate CA, see `man x509v3_config`
+[ v3_intermediate_ca ]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer
+basicConstraints = critical, CA:true, pathlen:0
+keyUsage = critical, digitalSignature, keyCertSign
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+stateOrProvinceName = State or Province Name
+localityName = Locality Name
+0.organizationName = Organization Name
+organizationalUnitName = Organizational Unit Name
+commonName = Common Name
+emailAddress = Email Address
+
+countryName_default = NA
+stateOrProvinceName_default = NA
+localityName_default = NA
+0.organizationName_default = NA
+organizationalUnitName_default = NA
+emailAddress_default = NA
+commonName_default = stfe testdata