[ ca ] default_ca = RootCA # The default ca section [ RootCA ] dir = . # Where everything is kept certs = $dir/certs # Where the issued certs are kept crl_dir = $dir/crl # Where the issued crl are kept database = $dir/index.txt # database index file. new_certs_dir = $dir/newcerts # default place for new certs. certificate = $dir/cacert.pem # The CA certificate serial = $dir/serial # The current serial number crl = $dir/crl.pem # The current CRL private_key = $dir/private/cakey.pem# The private key RANDFILE = $dir/private/.rand # private random number file unique_subject = no # Set to 'no' to allow creation of # several ctificates with same subject. email_in_dn = yes policy = policy_match x509_extensions = ca_cert # The extentions to add to the cert certificate = $dir/RootCA.cert.pem private_key = $dir/RootCA.key.pem default_days = 365 # how long to certify for default_crl_days= 30 # how long before next CRL default_md = sha1 # which md to use. [ req_distinguished_name ] countryName = Land (2stelliger Code) countryName_default = AT countryName_min = 2 countryName_max = 2 stateOrProvinceName = Bundesstaat stateOrProvinceName_default = Provinz localityName = Stadt localityName_default = Stadt 0.organizationName = Firma 0.organizationName_default = Firma # we can do this but it is not needed normally :-) #1.organizationName = Second Organization Name (eg, company) #1.organizationName_default = World Wide Web Pty Ltd #organizationalUnitName = Abteilung #organizationalUnitName_default = commonName = Common Name commonName_max = 64 commonName_default = Root CA emailAddress = eMail Adresse emailAddress_max = 64 [ req ] distinguished_name = req_distinguished_name [ ca_cert ] basicConstraints=CA:true nsComment = "OpenSSL Generated Certificate with AdditionalPublicKey" subjectKeyIdentifier=hash authorityKeyIdentifier=keyid,issuer:always [ new_oids ] akd=1.3.6.1.4.1.18506.7 [extensions] 1.3.6.1.4.1.18506.7=DER:30:82:02:4D:30:1A:06:0B:2B:06:01:04:01:C1:16:01:01:01:01:06:0B:2B:06:01:04:01:C1:16:01:01:02:2E:03:82:02:2D:00:04:82:02:28:E6:E5:91:A9:ED:CD:97:D6:65:58:65:9F:F2:F8:0B:5B:4A:34:34:EE:D0:05:B4:26:C8:4A:DF:B9:D5:DE:92:B3:44:AD:D7:E0:87:B8:F7:97:C1:38:39:6C:44:6C:0E:B5:D1:5F:E1:1A:79:62:B4:B7:DC:40:57:C8:A1:4C:63:39:19:A2:11:09:C2:52:4B:68:B3:58:DA:8E:20:15:D6:AE:99:ED:97:9F:CB:67:ED:4C:13:A2:8D:6A:C3:71:54:10:E4:8D:71:BD:1E:35:68:C2:1B:10:B2:BE:D8:F1:CD:5E:69:D5:68:03:8A:17:A8:C6:42:81:7C:24:AA:58:B0:10:30:98:FA:F8:03:BF:45:93:F7:6C:72:7F:DD:41:F8:D2:86:4C:DA:AC:AD:B1:59:7C:D6:55:A1:0A:46:FC:E0:89:B1:C6:4A:2A:FD:FA:31:96:EA:72:1E:B4:E6:15:29:0D:A7:62:31:3C:A1:2F:4B:C1:27:D7:74:AF:67:C6:78:C5:5A:30:2A:48:C2:28:0E:C7:17:8F:33:D9:7C:91:F2:E1:8A:91:D7:42:02:E8:65:AA:EE:CC:D7:42:46:E2:A9:70:C4:C1:98:E4:F7:75:34:3C:4C:C4:0D:3A:E1:06:89:3B:24:9A:B0:C4:E9:03:E7:CE:C3:4C:08:54:9C:7C:82:A7:82:DC:7B:94:92:F9:FF:65:85:E0:D2:E3:08:49:70:25:65:81:6B:E0:0B:8A:2E:11:DB:09:C0:10:18:B6:3B:7C:D1:DD:56:41:D9:3D:07:3C:54:4F:AD:64:41:B9:96:3D:D8:0F:F7:7E:8F:9E:3A:F9:AA:C5:28:4F:47:35:F8:B2:90:BA:D8:B6:FC:9E:7E:4C:CE:80:A1:28:34:03:46:C0:AC:42:24:77:E6:5F:08:07:6D:5A:CA:93:D6:F9:7C:8F:1A:11:F1:A6:04:B0:69:66:C5:0B:AB:ED:9A:75:A6:A6:11:28:EE:61:EF:90:B3:D5:DB:FE:E1:DB:C0:0C:20:C8:45:43:D5:06:EF:B5:F1:E4:B5:2A:A1:F2:EF:88:36:AB:4A:E1:B4:61:9D:61:E8:A6:D9:C7:06:78:5A:95:82:66:34:35:EC:0E:EA:D4:5D:0B:D9:18:C5:52:7F:58:5B:F1:4E:39:94:08:BC:60:BA:C5:84:12:E0:99:53:10:CA:FA:CA:45:BE:76:FA:39:1E:7A:E0:B8:02:77:06:08:FF:C8:70:AC:02:F3:1D:FC:95:DB:D1:19:AA:1A:19:E6:80:08:6A:DE:13:C5:48:F0:B3:D9:49:3F:A7:0A:31:08:77:41:98:39:4E:09:8D:F2:21:94:C7:02:9E:EC:CE:62:74:5D:82:AE:75:15:A7:F4:43:82:B3:8A:28:8D:64:CC:37:87:5B:3E:94:EF:9E:E7:88:86:8C:33:49:90:B8:71:3C:3D:3D:1E:9F:F8:25:69:9E:40