blob: cc3d396fd31a59b4920c6bce7095a4a6bb492b83 [file] [log] [blame]
SUBJECT_NAME = req_dn
KEY_SIZE = 2048
[req]
default_bits = ${ENV::KEY_SIZE}
default_md = sha256
string_mask = utf8only
prompt = no
encrypt_key = no
distinguished_name = ${ENV::SUBJECT_NAME}
req_extensions = req_extensions
[req_dn]
C = US
ST = California
L = Mountain View
O = Test CA
CN = 127.0.0.1
[req_no_san]
basicConstraints = critical, CA:false
[req_duplicate_cn_1]
O = Foo
CN = Duplicate
[req_duplicate_cn_2]
O = Bar
CN = Duplicate
[req_localhost_cn]
C = US
ST = California
L = Mountain View
O = Test CA
CN = localhost
[req_self_signed_a]
C = US
ST = Michigan
L = Ann Arbor
O = Test Self-Signed
CN = SS A
[req_self_signed_b]
C = US
ST = Michigan
L = Ann Arbor
O = Test Self-Signed
CN = SS B
[req_punycode_dn]
CN = xn--wgv71a119e.com
[req_ev_dn]
C = US
ST = California
L = Mountain View
O = Test Org
[req_ev_state_only_dn]
C = US
ST = California
O = Test Org
[req_extensions]
subjectAltName = IP:127.0.0.1
[req_intranet_san]
subjectAltName = DNS:webmail
[req_extensions_with_can_sign_http_exchanges_draft]
subjectAltName = IP:127.0.0.1
1.3.6.1.4.1.11129.2.1.22 = ASN1:NULL
[req_extensions_with_can_sign_http_exchanges_draft_invalid]
subjectAltName = IP:127.0.0.1
1.3.6.1.4.1.11129.2.1.22 = DER:30:00
[req_localhost_san]
subjectAltName = DNS:localhost
[req_punycode]
basicConstraints = critical, CA:true
subjectAltName = @punycode_san
[req_san_sanity]
basicConstraints = critical, CA:true
subjectAltName = @san_sanity
[san_sanity]
IP.1 = 127.0.0.2
IP.2 = FE80::1
DNS = test.example
email = test@test.example
otherName = 1.2.3.4;UTF8:ignore me
dirName = more_san_sanity
[req_san_example]
basicConstraints = critical, CA:true
subjectAltName = @san_example
[san_example]
DNS = www.example.com
[req_policies_sanity]
certificatePolicies=1.2.3.4.5, @policy1
[policy1]
policyIdentifier = 1.3.5.8.12
CPS.1="http://cps.example.com/foo"
userNotice.1=@policy_user_notice
userNotice.2=@policy_user_notice2
userNotice.3=@policy_user_notice3
[policy_user_notice]
explicitText="Explicit Text Here"
organization="Organization Name"
noticeNumbers=1,2,3,4
[policy_user_notice2]
explicitText="Explicit Text Two"
[policy_user_notice3]
organization="Organization Name Two"
noticeNumbers=42
[req_spdy_pooling]
subjectAltName = @spdy_pooling
[req_wildcard]
subjectAltName = @wildcard
[req_test_names]
subjectAltName = @test_names
[more_san_sanity]
CN=127.0.0.3
[spdy_pooling]
DNS.1 = www.example.org
DNS.2 = mail.example.org
DNS.3 = mail.example.com
DNS.4 = example.test
[punycode_san]
DNS.1 = xn--wgv71a119e.com
DNS.2 = *.xn--wgv71a119e.com
DNS.3 = blahblahblahblah.com
[wildcard]
DNS.1 = *.example.org
[test_names]
DNS.1 = a.test
DNS.2 = *.a.test
DNS.3 = b.test
DNS.4 = *.b.test
DNS.5 = c.test
DNS.6 = *.c.test
DNS.7 = d.test
DNS.8 = *.d.test
[subj_rsa_no_extension]
CN = RSA-2048 no keyUsage extension
[ext_rsa_no_extension]
[subj_rsa_keyencipherment]
CN = RSA-2048 keyEncipherment
[ext_rsa_keyencipherment]
keyUsage = critical, keyEncipherment
[subj_rsa_digitalsignature]
CN = RSA-2048 digitalSignature
[ext_rsa_digitalsignature]
keyUsage = critical, digitalSignature
[subj_rsa_both]
CN = RSA-2048 keyEncipherment and digitalSignature
[ext_rsa_both]
keyUsage = critical, keyEncipherment, digitalSignature
[subj_p256_no_extension]
CN = P-256 no keyUsage extension
[ext_p256_no_extension]
[subj_p256_keyagreement]
CN = P-256 keyAgreement
[ext_p256_keyagreement]
keyUsage = critical, keyAgreement
[subj_p256_digitalsignature]
CN = P-256 digitalSignature
[ext_p256_digitalsignature]
keyUsage = critical, digitalSignature
[subj_p256_both]
CN = P-256 keyAgreement and digitalSignature
[ext_p256_both]
keyUsage = critical, keyAgreement, digitalSignature