# nsopenssl Test Certificate Authority Configuration File
#
# $Header: /cvsroot/aolserver/nsopenssl/ca/ca2.conf,v 1.2 2002/10/08 02:33:45 scottg Exp $
#
# This configuration file is used to generate a CA cert and sign
# test certificates for nsopenssl testing.

[ ca ]
default_ca              = ca2

[ ca2 ]
certificate             = ca2/ca2.pem
private_key             = ca2/ca2.key
new_certs_dir           = ca2/certificates
crl_dir                 = ca2/crl
crl                     = ca2/crl/crl.pem
database                = ca2/index.txt
serial                  = ca2/serial
default_days            = 365
default_crl_days        = 30
default_md              = md5
preserve                = no
policy                  = ca2-policy
x509_extensions         = ca2-extensions 

[ ca2-policy ]
countryName             = USA
stateOrProvinceName     = Florida
localityName            = None
organizationName        = None
organizationalUnitName  = None
commonName              = scottg
emailAddress            = scott@scottg.net

# These extensions are added when a cert is signed by the CA
[ ca2-extensions ]
basicConstraints = CA:false

[ req ]
default_bits            = 2048
default_keyfile         = ca2/ca2.key
default_md              = md5
prompt                  = no
distinguished_name      = root-ca2-distinguished-name
x509_extensions         = root-ca2-x509-extensions

[ root-ca2-distinguished-name ]
commonName              = nsopenssl CA #2 Test CA
stateOrProvinceName     = Florida
countryName             = US
emailAddress            = ca2@scottg.net
organizationName        = nsopenssl CA #2 Root Certification Authority

[ root-ca2-x509-extensions ]
basicConstraints = CA:true