| SUBJECT_NAME = req_dn |
| KEY_SIZE = 2048 |
| |
| [req] |
| default_bits = ${ENV::KEY_SIZE} |
| default_md = sha256 |
| string_mask = utf8only |
| prompt = no |
| encrypt_key = no |
| distinguished_name = ${ENV::SUBJECT_NAME} |
| req_extensions = req_extensions |
| |
| [req_dn] |
| C = US |
| ST = California |
| L = Mountain View |
| O = Test CA |
| CN = 127.0.0.1 |
| |
| [req_no_san] |
| basicConstraints = critical, CA:false |
| |
| [req_duplicate_cn_1] |
| O = Foo |
| CN = Duplicate |
| |
| [req_duplicate_cn_2] |
| O = Bar |
| CN = Duplicate |
| |
| [req_intranet_dn] |
| CN = webmail |
| |
| [req_localhost_cn] |
| C = US |
| ST = California |
| L = Mountain View |
| O = Test CA |
| CN = localhost |
| |
| [req_self_signed_a] |
| C = US |
| ST = Michigan |
| L = Ann Arbor |
| O = Test Self-Signed |
| CN = SS A |
| |
| [req_self_signed_b] |
| C = US |
| ST = Michigan |
| L = Ann Arbor |
| O = Test Self-Signed |
| CN = SS B |
| |
| [req_punycode_dn] |
| CN = xn--wgv71a119e.com |
| |
| [req_extensions] |
| subjectAltName = IP:127.0.0.1 |
| |
| [req_intranet_san] |
| subjectAltName = DNS:webmail |
| |
| [req_extensions_with_tls_feature] |
| subjectAltName = IP:127.0.0.1 |
| 1.3.6.1.5.5.7.1.24=DER:30:03:02:01:05 |
| |
| [req_extensions_with_can_sign_http_exchanges_draft] |
| subjectAltName = IP:127.0.0.1 |
| 1.3.6.1.4.1.11129.2.1.22 = ASN1:NULL |
| |
| [req_extensions_with_can_sign_http_exchanges_draft_invalid] |
| subjectAltName = IP:127.0.0.1 |
| 1.3.6.1.4.1.11129.2.1.22 = DER:30:00 |
| |
| [req_localhost_san] |
| subjectAltName = DNS:localhost |
| |
| [req_punycode] |
| basicConstraints = critical, CA:true |
| subjectAltName = @punycode_san |
| |
| [req_san_sanity] |
| basicConstraints = critical, CA:true |
| subjectAltName = @san_sanity |
| |
| [san_sanity] |
| IP.1 = 127.0.0.2 |
| IP.2 = FE80::1 |
| DNS = test.example |
| email = test@test.example |
| otherName = 1.2.3.4;UTF8:ignore me |
| dirName = more_san_sanity |
| |
| [req_san_example] |
| basicConstraints = critical, CA:true |
| subjectAltName = @san_example |
| |
| [san_example] |
| DNS = www.example.com |
| |
| [req_spdy_pooling] |
| subjectAltName = @spdy_pooling |
| |
| [req_wildcard] |
| subjectAltName = @wildcard |
| |
| [more_san_sanity] |
| CN=127.0.0.3 |
| |
| [spdy_pooling] |
| DNS.1 = www.example.org |
| DNS.2 = mail.example.org |
| DNS.3 = mail.example.com |
| |
| [punycode_san] |
| DNS.1 = xn--wgv71a119e.com |
| DNS.2 = *.xn--wgv71a119e.com |
| DNS.3 = blahblahblahblah.com |
| |
| [wildcard] |
| DNS.1 = *.example.org |
| |
| [subj_rsa_no_extension] |
| CN = RSA-2048 no keyUsage extension |
| [ext_rsa_no_extension] |
| |
| [subj_rsa_keyencipherment] |
| CN = RSA-2048 keyEncipherment |
| [ext_rsa_keyencipherment] |
| keyUsage = critical, keyEncipherment |
| |
| [subj_rsa_digitalsignature] |
| CN = RSA-2048 digitalSignature |
| [ext_rsa_digitalsignature] |
| keyUsage = critical, digitalSignature |
| |
| [subj_rsa_both] |
| CN = RSA-2048 keyEncipherment and digitalSignature |
| [ext_rsa_both] |
| keyUsage = critical, keyEncipherment, digitalSignature |
| |
| [subj_p256_no_extension] |
| CN = P-256 no keyUsage extension |
| [ext_p256_no_extension] |
| |
| [subj_p256_keyagreement] |
| CN = P-256 keyAgreement |
| [ext_p256_keyagreement] |
| keyUsage = critical, keyAgreement |
| |
| [subj_p256_digitalsignature] |
| CN = P-256 digitalSignature |
| [ext_p256_digitalsignature] |
| keyUsage = critical, digitalSignature |
| |
| [subj_p256_both] |
| CN = P-256 keyAgreement and digitalSignature |
| [ext_p256_both] |
| keyUsage = critical, keyAgreement, digitalSignature |
