1[req] 2x509_extensions = v3_ca 3distinguished_name = req_dn 4 5[req_dn] 6countryName = NL 7organizationalUnitName = PolarSSL 8commonName = PolarSSL Test CA 9 10[v3_ca] 11subjectKeyIdentifier=hash 12authorityKeyIdentifier=keyid:always,issuer:always 13basicConstraints = CA:true 14 15[othername_san] 16subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:hw_module_name 17 18[nonprintable_othername_san] 19subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:nonprintable_hw_module_name 20 21[unsupported_othername_san] 22subjectAltName=otherName:1.2.3.4;UTF8:some other identifier 23 24[dns_alt_names] 25subjectAltName=DNS:example.com, DNS:example.net, DNS:*.example.org 26 27[alt_names] 28DNS.1=example.com 29otherName.1=1.3.6.1.5.5.7.8.4;SEQ:hw_module_name 30DNS.2=example.net 31DNS.3=*.example.org 32 33[multiple_san] 34subjectAltName=@alt_names 35 36[hw_module_name] 37hwtype = OID:1.3.6.1.4.1.17.3 38hwserial = OCT:123456 39 40[nonprintable_hw_module_name] 41hwtype = OID:1.3.6.1.4.1.17.3 42hwserial = FORMAT:HEX, OCT:3132338081008180333231 43 44[v3_any_policy_ca] 45basicConstraints = CA:true 46certificatePolicies = 2.5.29.32.0 47 48[v3_any_policy_qualifier_ca] 49basicConstraints = CA:true 50certificatePolicies = @policy_info 51 52[v3_multi_policy_ca] 53basicConstraints = CA:true 54certificatePolicies = 1.2.3.4,2.5.29.32.0 55 56[v3_unsupported_policy_ca] 57basicConstraints = CA:true 58certificatePolicies = 1.2.3.4 59 60[policy_info] 61policyIdentifier = 2.5.29.32.0 62CPS.1 ="CPS uri string" 63 64[fan_cert] 65extendedKeyUsage = 1.3.6.1.4.1.45605.1 66 67[noext_ca] 68basicConstraints = CA:true 69 70[test_ca] 71database = /dev/null 72 73[crl_ext_idp] 74issuingDistributionPoint=critical, @idpdata 75 76[crl_ext_idp_nc] 77issuingDistributionPoint=@idpdata 78 79[idpdata] 80fullname=URI:http://pki.example.com/ 81 82# these IPs are the ascii values for 'abcd' and 'abcd.example.com' 83[tricky_ip_san] 84subjectAltName=IP:97.98.99.100,IP:6162:6364:2e65:7861:6d70:6c65:2e63:6f6d 85