Change the "offset too large" message to more generic wording
[openssl.git] / test / CAss.cnf
index b941b7a..b20a242 100644 (file)
@@ -7,7 +7,7 @@ RANDFILE                = ./.rnd
 
 ####################################################################
 [ req ]
-default_bits           = 512
+default_bits           = 2048
 default_keyfile        = keySS.pem
 distinguished_name     = req_distinguished_name
 encrypt_rsa_key                = no
@@ -23,3 +23,54 @@ organizationName_value               = Dodgy Brothers
 
 commonName                     = Common Name (eg, YOUR name)
 commonName_value               = Dodgy CA
+
+####################################################################
+[ ca ]
+default_ca     = CA_default            # The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir            = ./demoCA              # Where everything is kept
+certs          = $dir/certs            # Where the issued certs are kept
+crl_dir                = $dir/crl              # Where the issued crl are kept
+database       = $dir/index.txt        # database index file.
+#unique_subject        = no                    # Set to 'no' to allow creation of
+                                       # several certificates with same subject.
+new_certs_dir  = $dir/newcerts         # default place for new certs.
+
+certificate    = $dir/cacert.pem       # The CA certificate
+serial         = $dir/serial           # The current serial number
+crl            = $dir/crl.pem          # The current CRL
+private_key    = $dir/private/cakey.pem# The private key
+RANDFILE       = $dir/private/.rand    # private random number file
+
+x509_extensions        = v3_ca                 # The extensions to add to the cert
+
+name_opt       = ca_default            # Subject Name options
+cert_opt       = ca_default            # Certificate field options
+
+default_days   = 365                   # how long to certify for
+default_crl_days= 30                   # how long before next CRL
+default_md     = md5                   # which md to use.
+preserve       = no                    # keep passed DN ordering
+
+policy         = policy_anything
+
+[ policy_anything ]
+countryName            = optional
+stateOrProvinceName    = optional
+localityName           = optional
+organizationName       = optional
+organizationalUnitName = optional
+commonName             = supplied
+emailAddress           = optional
+
+
+
+[ v3_ca ]
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+basicConstraints = critical,CA:true,pathlen:1
+keyUsage = cRLSign, keyCertSign
+issuerAltName=issuer:copy