diff options
Diffstat (limited to 'tests/aleksey-xkms-01/keys/openssl.cnf')
-rw-r--r-- | tests/aleksey-xkms-01/keys/openssl.cnf | 106 |
1 files changed, 0 insertions, 106 deletions
diff --git a/tests/aleksey-xkms-01/keys/openssl.cnf b/tests/aleksey-xkms-01/keys/openssl.cnf deleted file mode 100644 index 0d6326bc..00000000 --- a/tests/aleksey-xkms-01/keys/openssl.cnf +++ /dev/null @@ -1,106 +0,0 @@ -# -# aleksey-xkms-01 OpenSSL configuration file. -# -# Environment variables: -# CA_TOP - the CA folder (./demoCA) -# CERT_NAME - the currently generated certificate name ("") - -# This definition stops the following lines choking if HOME isn't -# defined. -HOME = . -RANDFILE = $ENV::HOME/.rnd - -[ ca ] -default_ca = CA_default # The default ca section - -[ CA_default ] -dir = $ENV::CA_TOP # Where everything is kept -certs = $dir/certs # Where the issued certs are kept -crl_dir = $dir/crl # Where the issued crl are kept -database = $dir/index.txt # database index file. -new_certs_dir = $dir/newcerts # default place for new certs. - -certificate = cert1.pem # The CA certificate -private_key = key1.pem # The private key -serial = $dir/serial # The current serial number -crl = $dir/crl.pem # The current CRL -RANDFILE = $dir/private/.rand # private random number file - -x509_extensions = usr_cert # The extentions to add to the cert - -# Comment out the following two lines for the "traditional" -# (and highly broken) format. -name_opt = ca_default # Subject Name options -cert_opt = ca_default # Certificate field options - -default_days = 3650 # how long to certify for -default_crl_days = 30 # how long before next CRL -default_md = sha1 # which md to use. -preserve = no # keep passed DN ordering - -policy = policy_match - -[ policy_match ] -countryName = match -stateOrProvinceName = match -organizationName = match -organizationalUnitName = optional -commonName = supplied -emailAddress = optional - -[ policy_anything ] -countryName = optional -stateOrProvinceName = optional -localityName = optional -organizationName = optional -organizationalUnitName = optional -commonName = supplied -emailAddress = optional - -#################################################################### -[ req ] -default_bits = 1024 -default_keyfile = privkey.pem -distinguished_name = req_distinguished_name -attributes = req_attributes -x509_extensions = v3_ca -input_password = secret -output_password = secret -string_mask = nombstr - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = US -stateOrProvinceName = State or Province Name (full name) -stateOrProvinceName_default = California -localityName = Locality Name (eg, city) -localityName_default = Sunnyvale -0.organizationName = Organization Name (eg, company) -0.organizationName_default = XML Security Library -organizationalUnitName = Organizational Unit Name (eg, section) -organizationalUnitName_default = $ENV::CERT_NAME -commonName = Common Name (eg, your name or your server\'s hostname) -commonName_default = http://www.aleksey.com/xmlsec -emailAddress = Email Address -emailAddress_default = xmlsec@aleksey.com - -[ req_attributes ] - -[ v3_req ] -basicConstraints = CA:FALSE -keyUsage = nonRepudiation, digitalSignature, keyEncipherment -nsComment = $ENV::CERT_NAME - -[ v3_ca ] -basicConstraints = CA:TRUE -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid:always,issuer:always -nsComment = $ENV::CERT_NAME - -[ usr_cert ] -basicConstraints = CA:FALSE -nsCertType = client, email, objsign -keyUsage = nonRepudiation, digitalSignature, keyEncipherment -nsComment = $ENV::CERT_NAME -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid,issuer:always |