Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 4b78669686
Branches Tags
krackattacks
/
tests
/
hwsim
/
auth_serv
/
openssl2.cnf

openssl2.cnf 2.9 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146 
  1. HOME			= .
    2. 

  2. RANDFILE		= $ENV::HOME/.rnd
    3. 

  3. oid_section		= new_oids
    4. 

  4. 

  5. [ new_oids ]
    6. 

  6. 

  7. [ ca ]
    8. 

  8. default_ca	= CA_default
    9. 

  9. 

  10. [ CA_default ]
    11. 

  11. 

  12. dir		= ./test-ca
    13. 

  13. certs		= $dir/certs
    14. 

  14. crl_dir		= $dir/crl
    15. 

  15. database	= $dir/index.txt
    16. 

  16. unique_subject	= no
    17. 

  17. new_certs_dir	= $dir/newcerts
    18. 

  18. certificate	= $dir/cacert.pem
    19. 

  19. serial		= $dir/serial
    20. 

  20. crlnumber	= $dir/crlnumber
    21. 

  21. crl		= $dir/crl.pem
    22. 

  22. private_key	= $dir/private/cakey.pem
    23. 

  23. RANDFILE	= $dir/private/.rand
    24. 

  24. 

  25. x509_extensions	= usr_cert
    26. 

  26. 

  27. name_opt 	= ca_default
    28. 

  28. cert_opt 	= ca_default
    29. 

  29. 

  30. default_days	= 365
    31. 

  31. default_crl_days= 30
    32. 

  32. default_md	= default
    33. 

  33. preserve	= no
    34. 

  34. 

  35. policy		= policy_match
    36. 

  36. 

  37. [ policy_match ]
    38. 

  38. countryName		= match
    39. 

  39. stateOrProvinceName	= optional
    40. 

  40. organizationName	= match
    41. 

  41. organizationalUnitName	= optional
    42. 

  42. commonName		= supplied
    43. 

  43. emailAddress		= optional
    44. 

  44. 

  45. [ policy_anything ]
    46. 

  46. countryName		= optional
    47. 

  47. stateOrProvinceName	= optional
    48. 

  48. localityName		= optional
    49. 

  49. organizationName	= optional
    50. 

  50. organizationalUnitName	= optional
    51. 

  51. commonName		= supplied
    52. 

  52. emailAddress		= optional
    53. 

  53. 

  54. [ req ]
    55. 

  55. default_bits		= 1024
    56. 

  56. default_keyfile 	= privkey.pem
    57. 

  57. distinguished_name	= req_distinguished_name
    58. 

  58. attributes		= req_attributes
    59. 

  59. x509_extensions	= v3_ca
    60. 

  60. 

  61. string_mask = utf8only
    62. 

  62. 

  63. [ req_distinguished_name ]
    64. 

  64. countryName			= Country Name (2 letter code)
    65. 

  65. countryName_default		= FI
    66. 

  66. countryName_min			= 2
    67. 

  67. countryName_max			= 2
    68. 

  68. 

  69. localityName			= Locality Name (eg, city)
    70. 

  70. localityName_default		= Tuusula
    71. 

  71. 

  72. 0.organizationName		= Organization Name (eg, company)
    73. 

  73. 0.organizationName_default	= w1.fi
    74. 

  74. 

  75. commonName			= Common Name (e.g. server FQDN or YOUR name)
    76. 

  76. #@CN@
    77. 

  77. commonName_max			= 64
    78. 

  78. 

  79. emailAddress			= Email Address
    80. 

  80. emailAddress_max		= 64
    81. 

  81. 

  82. ##0.subjectAltName = dNSName:server.w1.fi
    83. 

  83. 

  84. [ req_attributes ]
    85. 

  85. 

  86. [ usr_cert ]
    87. 

  87. 

  88. basicConstraints=CA:FALSE
    89. 

  89. 

  90. subjectKeyIdentifier=hash
    91. 

  91. authorityKeyIdentifier=keyid,issuer
    92. 

  92. 

  93. authorityInfoAccess = OCSP;URI:http://server.w1.fi:8888/
    94. 

  94. 

  95. [ v3_req ]
    96. 

  96. 

  97. basicConstraints = CA:FALSE
    98. 

  98. keyUsage = nonRepudiation, digitalSignature, keyEncipherment
    99. 

  99. subjectAltName=DNS:example.com,DNS:another.example.com
    100. 

  100. 

  101. [ v3_ca ]
    102. 

  102. 

  103. subjectKeyIdentifier=hash
    104. 

  104. 

  105. authorityKeyIdentifier=keyid:always,issuer
    106. 

  106. 

  107. basicConstraints = CA:true
    108. 

  108. 

  109. [ crl_ext ]
    110. 

  110. 

  111. authorityKeyIdentifier=keyid:always
    112. 

  112. 

  113. [ v3_OCSP ]
    114. 

  114. basicConstraints = CA:FALSE
    115. 

  115. keyUsage = nonRepudiation, digitalSignature, keyEncipherment
    116. 

  116. extendedKeyUsage = OCSPSigning
    117. 

  117. 

  118. [ ext_client ]
    119. 

  119. 

  120. basicConstraints=CA:FALSE
    121. 

  121. subjectKeyIdentifier=hash
    122. 

  122. authorityKeyIdentifier=keyid,issuer
    123. 

  123. authorityInfoAccess = OCSP;URI:http://server.w1.fi:8888/
    124. 

  124. #@ALTNAME@
    125. 

  125. 

  126. extendedKeyUsage = clientAuth
    127. 

  127. 

  128. [ ext_server ]
    129. 

  129. 

  130. basicConstraints=CA:FALSE
    131. 

  131. subjectKeyIdentifier=hash
    132. 

  132. authorityKeyIdentifier=keyid,issuer
    133. 

  133. authorityInfoAccess = OCSP;URI:http://server.w1.fi:8888/
    134. 

  134. #@ALTNAME@
    135. 

  135. 

  136. extendedKeyUsage = serverAuth
    137. 

  137. 

  138. [ ext_client_server ]
    139. 

  139. 

  140. basicConstraints=CA:FALSE
    141. 

  141. subjectKeyIdentifier=hash
    142. 

  142. authorityKeyIdentifier=keyid,issuer
    143. 

  143. authorityInfoAccess = OCSP;URI:http://server.w1.fi:8888/
    144. 

  144. #@ALTNAME@
    145. 

  145. 

  146. extendedKeyUsage = clientAuth, serverAuth
    147.