1# 2# SSLeay example configuration file. 3# This is mostly being used for generation of certificate requests. 4# 5 6RANDFILE = /sdcard/android.testssl/.rnd 7 8#################################################################### 9[ req ] 10default_bits = 512 11default_keyfile = keySS.pem 12distinguished_name = req_distinguished_name 13encrypt_rsa_key = no 14default_md = sha1 15 16[ req_distinguished_name ] 17countryName = Country Name (2 letter code) 18countryName_default = AU 19countryName_value = AU 20 21organizationName = Organization Name (eg, company) 22organizationName_value = Dodgy Brothers 23 24commonName = Common Name (eg, YOUR name) 25commonName_value = Dodgy CA 26 27#################################################################### 28[ ca ] 29default_ca = CA_default # The default ca section 30 31#################################################################### 32[ CA_default ] 33 34dir = ./demoCA # Where everything is kept 35certs = $dir/certs # Where the issued certs are kept 36crl_dir = $dir/crl # Where the issued crl are kept 37database = $dir/index.txt # database index file. 38#unique_subject = no # Set to 'no' to allow creation of 39 # several ctificates with same subject. 40new_certs_dir = $dir/newcerts # default place for new certs. 41 42certificate = $dir/cacert.pem # The CA certificate 43serial = $dir/serial # The current serial number 44crl = $dir/crl.pem # The current CRL 45private_key = $dir/private/cakey.pem# The private key 46RANDFILE = $dir/private/.rand # private random number file 47 48x509_extensions = v3_ca # The extentions to add to the cert 49 50name_opt = ca_default # Subject Name options 51cert_opt = ca_default # Certificate field options 52 53default_days = 365 # how long to certify for 54default_crl_days= 30 # how long before next CRL 55default_md = md5 # which md to use. 56preserve = no # keep passed DN ordering 57 58policy = policy_anything 59 60[ policy_anything ] 61countryName = optional 62stateOrProvinceName = optional 63localityName = optional 64organizationName = optional 65organizationalUnitName = optional 66commonName = supplied 67emailAddress = optional 68 69 70 71[ v3_ca ] 72subjectKeyIdentifier=hash 73authorityKeyIdentifier=keyid:always,issuer:always 74basicConstraints = CA:true,pathlen:1 75keyUsage = cRLSign, keyCertSign 76issuerAltName=issuer:copy 77