github.com/zmap/zcrypto@v0.0.0-20240512203510-0fef58d9a9db/x509/testdata/ca.cnf (about) 1 SUBJECT_NAME = req_dn 2 KEY_SIZE = 2048 3 4 [req] 5 default_bits = ${ENV::KEY_SIZE} 6 default_md = sha256 7 string_mask = utf8only 8 prompt = no 9 encrypt_key = no 10 distinguished_name = ${ENV::SUBJECT_NAME} 11 req_extensions = req_extensions 12 13 [req_extensions] 14 subjectAltName = IP:127.0.0.1 15 16 [root_extensions] 17 basicConstraints = critical, CA:true 18 subjectKeyIdentifier = hash 19 authorityKeyIdentifier = keyid:always,issuer 20 keyUsage = critical, cRLSign, keyCertSign 21 22 [intermediate_extensions] 23 basicConstraints = critical, CA:true 24 subjectKeyIdentifier = hash 25 authorityKeyIdentifier = keyid:always,issuer 26 keyUsage = critical, cRLSign, keyCertSign 27 28 [leaf_extensions] 29 basicConstraints = critical, CA:FALSE 30 subjectKeyIdentifier = hash 31 authorityKeyIdentifier = keyid,issuer 32 keyUsage = digitalSignature, keyEncipherment, dataEncipherment 33 34 [root_ca] 35 new_certs_dir = out 36 unique_subject = no 37 database = out/root.index 38 serial = out/root.serial 39 default_days = 1825 40 default_md = sha256 41 policy = root_ca_policy 42 email_in_dn = no 43 44 [intermediate_ca] 45 new_certs_dir = out 46 unique_subject = no 47 database = out/intermediate.index 48 serial = out/intermediate.serial 49 default_days = 1825 50 default_md = sha256 51 policy = intermediate_ca_policy 52 email_in_dn = no 53 54 [root_ca_policy] 55 commonName = supplied 56 57 [intermediate_ca_policy] 58 commonName = supplied 59 60 [root_subject] 61 C = US 62 ST = Michigan 63 L = Ann Arbor 64 O = ZCrypto 65 CN = ZCrypto Root Authority 66 67 [intermediate_subject] 68 C = US 69 ST = Michigan 70 L = Ann Arbor 71 O = ZCrypto 72 CN = ZCrypto Intermediate Authority 73 74 [leaf_never_valid] 75 C = US 76 ST = Michigan 77 L = Ann Arbor 78 O = Test 79 CN = never-valid.example.com 80