• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1[req]
2x509_extensions = v3_ca
3distinguished_name = req_dn
4
5[req_dn]
6countryName = NL
7organizationalUnitName = PolarSSL
8commonName = PolarSSL Test CA
9
10[v3_ca]
11subjectKeyIdentifier=hash
12authorityKeyIdentifier=keyid:always,issuer:always
13basicConstraints = CA:true
14
15[no_subj_auth_id]
16subjectKeyIdentifier=none
17authorityKeyIdentifier=none
18basicConstraints = CA:true
19
20[othername_san]
21subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:hw_module_name
22
23[nonprintable_othername_san]
24subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:nonprintable_hw_module_name
25
26[unsupported_othername_san]
27subjectAltName=otherName:1.2.3.4;UTF8:some other identifier
28
29[dns_alt_names]
30subjectAltName=DNS:example.com, DNS:example.net, DNS:*.example.org
31
32[rfc822name_names]
33subjectAltName=email:my@other.address,email:second@other.address
34
35[alt_names]
36DNS.1=example.com
37otherName.1=1.3.6.1.5.5.7.8.4;SEQ:hw_module_name
38DNS.2=example.net
39DNS.3=*.example.org
40
41[multiple_san]
42subjectAltName=@alt_names
43
44[hw_module_name]
45hwtype = OID:1.3.6.1.4.1.17.3
46hwserial = OCT:123456
47
48[nonprintable_hw_module_name]
49hwtype = OID:1.3.6.1.4.1.17.3
50hwserial = FORMAT:HEX, OCT:3132338081008180333231
51
52[v3_any_policy_ca]
53basicConstraints = CA:true
54certificatePolicies = 2.5.29.32.0
55
56[v3_any_policy_qualifier_ca]
57basicConstraints = CA:true
58certificatePolicies = @policy_info
59
60[v3_multi_policy_ca]
61basicConstraints = CA:true
62certificatePolicies = 1.2.3.4,2.5.29.32.0
63
64[v3_unsupported_policy_ca]
65basicConstraints = CA:true
66certificatePolicies = 1.2.3.4
67
68[policy_info]
69policyIdentifier = 2.5.29.32.0
70CPS.1 ="CPS uri string"
71
72[fan_cert]
73extendedKeyUsage = 1.3.6.1.4.1.45605.1
74
75[noext_ca]
76basicConstraints = CA:true
77
78[test_ca]
79database = /dev/null
80
81[crl_ext_idp]
82issuingDistributionPoint=critical, @idpdata
83
84[crl_ext_idp_nc]
85issuingDistributionPoint=@idpdata
86
87[idpdata]
88fullname=URI:http://pki.example.com/
89
90# these IPs are the ascii values for 'abcd' and 'abcd.example.com'
91[tricky_ip_san]
92subjectAltName=IP:97.98.99.100,IP:6162:6364:2e65:7861:6d70:6c65:2e63:6f6d
93
94[csr_ext_v3_keyUsage]
95keyUsage = digitalSignature, keyEncipherment
96
97[csr_ext_v3_subjectAltName]
98subjectAltName=DNS:example.com, DNS:example.net, DNS:*.example.org
99
100[csr_ext_v3_nsCertType]
101nsCertType=server
102
103[csr_ext_v3_all]
104keyUsage = cRLSign
105subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:nonprintable_hw_module_name
106nsCertType=client
107
108[directory_name_san]
109subjectAltName=dirName:dirname_sect
110
111[two_directorynames]
112subjectAltName=dirName:dirname_sect, dirName:dirname_to_malform
113
114[dirname_sect]
115C=UK
116O=Mbed TLS
117CN=Mbed TLS directoryName SAN
118
119[dirname_to_malform]
120O=MALFORM_ME
121