1[ default ] 2# 3# SSLeay example configuration file. 4# This is mostly being used for generation of certificate requests. 5# 6 7RANDFILE = ./.rnd 8 9#################################################################### 10[ ca ] 11default_ca = CA_default # The default ca section 12 13#################################################################### 14[ CA_default ] 15 16dir = ./demoCA # Where everything is kept 17certs = $dir/certs # Where the issued certs are kept 18crl_dir = $dir/crl # Where the issued crl are kept 19database = $dir/index.txt # database index file. 20new_certs_dir = $dir/new_certs # default place for new certs. 21 22certificate = $dir/CAcert.pem # The CA certificate 23serial = $dir/serial # The current serial number 24crl = $dir/crl.pem # The current CRL 25private_key = $dir/private/CAkey.pem# The private key 26RANDFILE = $dir/private/.rand # private random number file 27 28default_days = 365 # how long to certify for 29default_crl_days= 30 # how long before next CRL 30default_md = md5 # which md to use. 31 32# A few difference way of specifying how similar the request should look 33# For type CA, the listed attributes must be the same, and the optional 34# and supplied fields are just that :-) 35policy = policy_match 36 37