projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
test/smime-certs/{mksmime-certs.sh,ca.cnf}: simplify and speed up cert generation
[openssl.git] / test / smime-certs / ca.cnf
diff --git a/test/smime-certs/ca.cnf b/test/smime-certs/ca.cnf
index 9e6f8a917ebd4165054202db0ecfa6b4d31f8f1b..1bdffadf672dadc0d4b3b915c89df2c1d9d7224b 100644 (file)
--- a/test/smime-certs/ca.cnf
+++ b/test/smime-certs/ca.cnf
@@ -12,6 +12,7 @@ CN                    = "Not Defined"
 default_ca             = ca
 
 ####################################################################
+
 [ req ]
 default_bits           = 2048
 default_keyfile        = privkey.pem
@@ -30,7 +31,7 @@ organizationName              = OpenSSL Group
 # Take CN from environment so it can come from a script.
 commonName                     = $ENV::CN
 
-[ usr_cert ]
+[ usr_rsa_cert ]
 
 # These extensions are added when 'ca' signs a request for a normal end-entity
 # certificate with key usage restrictions compatible with RSA keys
@@ -44,6 +45,11 @@ keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
 # subjectKeyIdentifier   = hash
 # authorityKeyIdentifier = keyid, issuer
 
+[ signer_cert ]
+
+basicConstraints = CA:FALSE
+keyUsage = critical, digitalSignature
+
 [ dh_cert ]
 
 # These extensions are added when 'ca' signs a request for an end-entity
Unnamed repository; edit this file 'description' to name the repository.