source-git / osbuild-composer

Clone
Source Code
GIT

Blame test/data/x509/openssl.cnf

c8 c8s master
  1.   509fd43ac82544c04c8310db8c70992d6aa5692e
  2.   test
  3.   data
  4.   x509
  5.   openssl.cnf
Blob History Raw
Packit Service 509fd4 
#
Packit Service 509fd4 
# ca options
Packit Service 509fd4 
#
Packit Service 509fd4
Packit Service 509fd4 
[ca]
Packit Service 509fd4 
default_ca = osbuild_ca
Packit Service 509fd4
Packit Service 509fd4 
[osbuild_ca]
Packit Service 509fd4 
database        = ./index.txt
Packit Service 509fd4 
new_certs_dir   = ./certs
Packit Service 509fd4 
rand_serial     = yes
Packit Service 509fd4
Packit Service 509fd4 
certificate     = ca.cert.pem
Packit Service 509fd4 
private_key     = private/ca.key.pem
Packit Service 509fd4
Packit Service 509fd4 
default_days    = 3650
Packit Service 509fd4 
default_md      = sha256
Packit Service 509fd4
Packit Service 509fd4 
x509_extensions = osbuild_ca_ext
Packit Service 509fd4
Packit Service 509fd4 
# See WARNINGS in `man openssl ca`. This is ok, becasue it only copies
Packit Service 509fd4 
# extensions that are not already specified in `osbuild_ca_ext`.
Packit Service 509fd4 
copy_extensions = copy
Packit Service 509fd4
Packit Service 509fd4 
preserve        = no
Packit Service 509fd4 
policy          = osbuild_ca_policy
Packit Service 509fd4
Packit Service 509fd4 
# We want to issue multiple certificates with the same subject in the
Packit Service 509fd4 
# testing environment.
Packit Service 509fd4 
unique_subject  = no
Packit Service 509fd4
Packit Service 509fd4
Packit Service 509fd4 
[osbuild_ca_ext]
Packit Service 509fd4 
basicConstraints       = critical, CA:TRUE
Packit Service 509fd4 
subjectKeyIdentifier   = hash
Packit Service 509fd4 
authorityKeyIdentifier = keyid:always, issuer:always
Packit Service 509fd4 
keyUsage               = critical, digitalSignature, cRLSign, keyCertSign
Packit Service 509fd4
Packit Service 509fd4
Packit Service 509fd4 
[osbuild_ca_policy]
Packit Service 509fd4 
commonName   = supplied
Packit Service 509fd4 
emailAddress = supplied
Packit Service 509fd4
Packit Service 509fd4
Packit Service 509fd4 
#
Packit Service 509fd4 
# Extensions for server certificates
Packit Service 509fd4 
#
Packit Service 509fd4
Packit Service 509fd4 
[osbuild_server_ext]
Packit Service 509fd4 
basicConstraints       = critical, CA:FALSE
Packit Service 509fd4 
subjectKeyIdentifier   = hash
Packit Service 509fd4 
authorityKeyIdentifier = keyid, issuer:always
Packit Service 509fd4 
keyUsage               = critical, digitalSignature, keyEncipherment
Packit Service 509fd4 
extendedKeyUsage       = serverAuth
Packit Service 509fd4
Packit Service 509fd4
Packit Service 509fd4 
#
Packit Service 509fd4 
# Extensions for client certificates
Packit Service 509fd4 
#
Packit Service 509fd4
Packit Service 509fd4 
[osbuild_client_ext]
Packit Service 509fd4 
basicConstraints       = CA:FALSE
Packit Service 509fd4 
subjectKeyIdentifier   = hash
Packit Service 509fd4 
authorityKeyIdentifier = keyid,issuer
Packit Service 509fd4 
keyUsage               = critical, nonRepudiation, digitalSignature, keyEncipherment
Packit Service 509fd4 
extendedKeyUsage       = clientAuth
Packit Service 509fd4
Packit Service 509fd4
Packit Service 509fd4 
#
Packit Service 509fd4 
# req options
Packit Service 509fd4 
#
Packit Service 509fd4
Packit Service 509fd4 
[req]
Packit Service 509fd4 
default_md         = sha256
Packit Service 509fd4 
default_bits       = 2048
Packit Service 509fd4 
distinguished_name = osbuild_distinguished_name
Packit Service 509fd4
Packit Service 509fd4
Packit Service 509fd4 
#
Packit Service 509fd4 
# Only prompt for CN
Packit Service 509fd4 
#
Packit Service 509fd4
Packit Service 509fd4 
[osbuild_distinguished_name]
Packit Service 509fd4 
CN = Common Name
Packit Service 509fd4 
emailAddress = E-Mail Address

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation