To create new wiki account, please join us on #znc at Libera.Chat and ask admins to create a wiki account for you. You can say thanks to spambots for this inconvenience.
OpenSSL.cnf SelfSigned: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
mNo edit summary |
||
(One intermediate revision by the same user not shown) | |||
Line 11: | Line 11: | ||
# Options for the `req` tool (`man req`). | # Options for the `req` tool (`man req`). | ||
default_bits = 4096 | default_bits = 4096 | ||
distinguished_name = | distinguished_name = @req_dn | ||
string_mask = utf8only | string_mask = utf8only | ||
default_md = sha512 | default_md = sha512 | ||
[ | [ req_dn ] | ||
# The [ | # The [ req_dn ] section declares the information | ||
# normally required in a certificate signing request. | # normally required in a certificate signing request. | ||
# You can optionally specify some defaults. | # You can optionally specify some defaults. |
Latest revision as of 18:35, 23 August 2021
[default] default_md = sha512 name_opt = ca_default cert_opt = ca_default default_days = 375 policy = @policy_selfsigned [ req ] #Options from the [ req ] section are applied #when creating certificates or certificate signing requests. # Options for the `req` tool (`man req`). default_bits = 4096 distinguished_name = @req_dn string_mask = utf8only default_md = sha512 [ req_dn ] # The [ req_dn ] section declares the information # normally required in a certificate signing request. # You can optionally specify some defaults. # See <https://en.wikipedia.org/wiki/Certificate_signing_request>. countryName = Country Name (2 letter code) countryName_min = 2 countryName_max = 2 stateOrProvinceName = State or Province Name (full name) localityName = Locality Name (eg, city) organizationName = Organization Name (eg, company) organizationalUnitName = Organizational Unit Name (eg, section) commonName = Common Name (e.g. server FQDN or YOUR name) emailAddress = Email Address # Optionally, specify some defaults. countryName_default = IT stateOrProvinceName_default = Italy localityName_default = Italy organizationName_default = ZNC.in #organizationalUnitName_default = ZNC Service #commonName_default = wiki.znc.in emailAddress_default = user [at] example [dot] com [ policy_selfsigned ] # See the POLICY FORMAT section of the `ca` man page. countryName = optional stateOrProvinceName = optional localityName = optional organizationName = optional organizationalUnitName = optional commonName = optional emailAddress = optional [ usr_cert ] # We’ll apply the usr_cert extension when signing client certificates, # such as those used for remote user authentication. # Extensions for client certificates (`man x509v3_config`). basicConstraints = critical, CA:FALSE subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always, issuer:always keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment, keyAgreement extendedKeyUsage = critical, clientAuth, emailProtection, codeSigning [ server_cert ] # We’ll apply the server_cert extension when signing server certificates, # such as those used for web servers. # Extensions for server certificates (`man x509v3_config`). basicConstraints = critical, CA:FALSE subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always, issuer:always keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment, keyAgreement extendedKeyUsage = critical, serverAuth