SUBJECT_NAME = req_dn KEY_SIZE = 2048 [req] default_bits = ${ENV::KEY_SIZE} default_md = sha256 string_mask = utf8only prompt = no encrypt_key = no distinguished_name = ${ENV::SUBJECT_NAME} req_extensions = req_extensions [req_dn] C = US ST = California L = Mountain View O = Test CA CN = 127.0.0.1 [req_no_san] basicConstraints = critical, CA:false [req_duplicate_cn_1] O = Foo CN = Duplicate [req_duplicate_cn_2] O = Bar CN = Duplicate [req_localhost_cn] C = US ST = California L = Mountain View O = Test CA CN = localhost [req_self_signed_a] C = US ST = Michigan L = Ann Arbor O = Test Self-Signed CN = SS A [req_self_signed_b] C = US ST = Michigan L = Ann Arbor O = Test Self-Signed CN = SS B [req_punycode_dn] CN = xn--wgv71a119e.com [req_ev_dn] C = US ST = California L = Mountain View O = Test Org [req_ev_state_only_dn] C = US ST = California O = Test Org [req_extensions] subjectAltName = IP:127.0.0.1 [req_intranet_san] subjectAltName = DNS:webmail [req_extensions_with_can_sign_http_exchanges_draft] subjectAltName = IP:127.0.0.1 1.3.6.1.4.1.11129.2.1.22 = ASN1:NULL [req_extensions_with_can_sign_http_exchanges_draft_invalid] subjectAltName = IP:127.0.0.1 1.3.6.1.4.1.11129.2.1.22 = DER:30:00 [req_localhost_san] subjectAltName = DNS:localhost [req_punycode] basicConstraints = critical, CA:true subjectAltName = @punycode_san [req_san_sanity] basicConstraints = critical, CA:true subjectAltName = @san_sanity [san_sanity] IP.1 = 127.0.0.2 IP.2 = FE80::1 DNS = test.example email = test@test.example otherName = 1.2.3.4;UTF8:ignore me dirName = more_san_sanity [req_san_example] basicConstraints = critical, CA:true subjectAltName = @san_example [san_example] DNS = www.example.com [req_policies_sanity] certificatePolicies=1.2.3.4.5, @policy1 [policy1] policyIdentifier = 1.3.5.8.12 CPS.1="http://cps.example.com/foo" userNotice.1=@policy_user_notice userNotice.2=@policy_user_notice2 userNotice.3=@policy_user_notice3 [policy_user_notice] explicitText="Explicit Text Here" organization="Organization Name" noticeNumbers=1,2,3,4 [policy_user_notice2] explicitText="Explicit Text Two" [policy_user_notice3] organization="Organization Name Two" noticeNumbers=42 [req_spdy_pooling] subjectAltName = @spdy_pooling [req_wildcard] subjectAltName = @wildcard [req_test_names] subjectAltName = @test_names [more_san_sanity] CN=127.0.0.3 [spdy_pooling] DNS.1 = www.example.org DNS.2 = mail.example.org DNS.3 = mail.example.com DNS.4 = example.test [punycode_san] DNS.1 = xn--wgv71a119e.com DNS.2 = *.xn--wgv71a119e.com DNS.3 = blahblahblahblah.com [wildcard] DNS.1 = *.example.org [test_names] DNS.1 = a.test DNS.2 = *.a.test DNS.3 = b.test DNS.4 = *.b.test DNS.5 = c.test DNS.6 = *.c.test DNS.7 = d.test DNS.8 = *.d.test [subj_rsa_no_extension] CN = RSA-2048 no keyUsage extension [ext_rsa_no_extension] [subj_rsa_keyencipherment] CN = RSA-2048 keyEncipherment [ext_rsa_keyencipherment] keyUsage = critical, keyEncipherment [subj_rsa_digitalsignature] CN = RSA-2048 digitalSignature [ext_rsa_digitalsignature] keyUsage = critical, digitalSignature [subj_rsa_both] CN = RSA-2048 keyEncipherment and digitalSignature [ext_rsa_both] keyUsage = critical, keyEncipherment, digitalSignature [subj_p256_no_extension] CN = P-256 no keyUsage extension [ext_p256_no_extension] [subj_p256_keyagreement] CN = P-256 keyAgreement [ext_p256_keyagreement] keyUsage = critical, keyAgreement [subj_p256_digitalsignature] CN = P-256 digitalSignature [ext_p256_digitalsignature] keyUsage = critical, digitalSignature [subj_p256_both] CN = P-256 keyAgreement and digitalSignature [ext_p256_both] keyUsage = critical, keyAgreement, digitalSignature