1 # This file contains the configuration for all the CAs.
3 # Root CA, used to sign the certificates of the intermediary server and
7 database = ./ssl/root_ca-certindex
8 serial = ./ssl/root_ca.srl
11 default_crl_days= 10000
12 certificate = ./ssl/root_ca.crt
13 private_key = ./ssl/root_ca.key
14 new_certs_dir = ./ssl/new_certs_dir
17 copy_extensions = copy
19 # CA used to sign all the server certificates.
22 database = ./ssl/server_ca-certindex
25 default_crl_days= 10000
26 certificate = ./ssl/server_ca.crt
27 private_key = ./ssl/server_ca.key
28 new_certs_dir = ./ssl/new_certs_dir
29 serial = ./ssl/server_ca.srl
32 copy_extensions = copy
34 crl = ./ssl/server.crl
36 # CA used to sign all the client certificates.
39 database = ./ssl/client_ca-certindex
41 # Startdate and enddate are required for testing notBefore/notAfter with
43 default_startdate = 20230629010101Z
44 default_enddate = 20500101010101Z
45 default_crl_days= 10000
46 certificate = ./ssl/client_ca.crt
47 private_key = ./ssl/client_ca.key
48 new_certs_dir = ./ssl/new_certs_dir
49 serial = ./ssl/client_ca.srl
52 copy_extensions = copy
54 crl = ./ssl/client.crl
56 # This is common for all CAs.
58 countryName = optional
59 stateOrProvinceName = optional
60 organizationName = optional
61 organizationalUnitName = optional
63 emailAddress = optional