cpp/test/IceSSL/certs/server.cnf


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83

# **********************************************************************
#
# Copyright (c) 2003-2009 ZeroC, Inc. All rights reserved.
#
# This copy of Ice is licensed to you under the terms described in the
# ICE_LICENSE file included in this distribution.
#
# **********************************************************************

#
# ZeroC base OpenSSL configuration file.
#

###############################################################################
###  CA Configuration
###############################################################################

[ ca ]
default_ca = ice


[ ice ]
dir              = tmp	       # Where everything is kept.
database         = $dir/index.txt           # Database index file.
new_certs_dir    = $dir                     # Default loc for new certs.
serial           = $dir/serial              # The current serial number.

certs            = $dir                     # Where issued certs are kept.
RANDFILE         = $dir/.rand               # Private random number file.

default_days     = 3650                     # How long certs are valid.
default_md       = md5                      # The Message Digest type.
preserve         = yes                      # Keep passed DN ordering?

policy           = ca_policy
x509_extensions  = certificate_extensions


[ ca_policy ]
countryName            = match
stateOrProvinceName    = match
organizationName       = match
organizationalUnitName = optional
emailAddress           = optional
commonName             = supplied


[ certificate_extensions ]
basicConstraints = CA:false

# PKIX recommendation.
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always

subjectAltName = DNS:server, IP:127.0.0.1
issuerAltName = email:issuer@zeroc.com, IP:127.0.0.1

[ req ]
default_bits        = 1024
default_md          = md5
prompt              = no
distinguished_name  = root_ca_distinguished_name
x509_extensions     = root_ca_extensions


[ root_ca_distinguished_name ]
countryName            = US
stateOrProvinceName    = Florida
localityName           = Palm Beach Gardens
organizationName       = ZeroC, Inc.
organizationalUnitName = Ice
commonName             = Server
emailAddress           = info@zeroc.com


[ root_ca_extensions ]
basicConstraints = CA:false

# PKIX recommendation.
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
keyUsage = nonRepudiation, digitalSignature, keyEncipherment