content/test/data/sxg/ca.cnf - chromium/src - Git at Google

 [ca]
 default_ca = CA_root
 preserve   = yes

 [CA_root]
 dir            = out
 new_certs_dir  = $dir
 database       = $dir/index.txt
 serial         = $dir/serial
 certificate    = ../../../../net/data/ssl/certificates/root_ca_cert.pem
 private_key    = ../../../../net/data/ssl/certificates/root_ca_cert.pem
 default_md     = sha256
 unique_subject = no
 policy         = policy_anything

 [sxg_cert]
 basicConstraints = CA:FALSE
 # OID required for sxg since d54c469
 1.3.6.1.4.1.11129.2.1.22 = ASN1:NULL
 keyUsage = nonRepudiation, digitalSignature, keyEncipherment
 subjectKeyIdentifier = hash
 authorityKeyIdentifier = keyid,issuer
 subjectAltName=DNS:test.example.org

 [policy_anything]
 # Default signing policy
 countryName            = optional
 stateOrProvinceName    = optional
 localityName           = optional
 organizationName       = optional
 organizationalUnitName = optional
 commonName             = optional
 emailAddress           = optional
	[ca]
	default_ca = CA_root
	preserve = yes

	[CA_root]
	dir = out
	new_certs_dir = $dir
	database = $dir/index.txt
	serial = $dir/serial
	certificate = ../../../../net/data/ssl/certificates/root_ca_cert.pem
	private_key = ../../../../net/data/ssl/certificates/root_ca_cert.pem
	default_md = sha256
	unique_subject = no
	policy = policy_anything

	[sxg_cert]
	basicConstraints = CA:FALSE
	# OID required for sxg since d54c469
	1.3.6.1.4.1.11129.2.1.22 = ASN1:NULL
	keyUsage = nonRepudiation, digitalSignature, keyEncipherment
	subjectKeyIdentifier = hash
	authorityKeyIdentifier = keyid,issuer
	subjectAltName=DNS:test.example.org

	[policy_anything]
	# Default signing policy
	countryName = optional
	stateOrProvinceName = optional
	localityName = optional
	organizationName = optional
	organizationalUnitName = optional
	commonName = optional
	emailAddress = optional