chrome/test/data/extensions/api_test/platform_keys/ca.cnf

   1 [ca]
   2 default_ca = CA_root
   3 preserve   = yes
   4
   5 # The default test root, used to generate certificates and CRLs.
   6 [CA_root]
   7 dir           = out
   8 key_size      = 2048
   9 algo          = sha256
  10 cert_type     = root
  11 database      = $dir/${ENV::CA_ID}-index.txt
  12 new_certs_dir = $dir
  13 serial        = $dir/${ENV::CA_ID}-serial
  14 certificate   = $dir/${ENV::CA_ID}.pem
  15 private_key   = $dir/${ENV::CA_ID}.key
  16 RANDFILE      = $dir/.rand
  17 default_days     = 3650
  18 default_crl_days = 30
  19 default_md       = sha256
  20 policy           = policy_anything
  21 unique_subject   = no
  22 copy_extensions  = copy
  23
  24 [leaf_cert]
  25 # Extensions to add when signing a request for an leaf cert
  26 basicConstraints       = critical, CA:false
  27 subjectKeyIdentifier   = hash
  28 authorityKeyIdentifier = keyid:always
  29 extendedKeyUsage       = serverAuth, clientAuth
  30
  31 [ca_cert]
  32 # Extensions to add when signing a request for an intermediate/CA cert
  33 basicConstraints       = critical, CA:true
  34 subjectKeyIdentifier   = hash
  35 authorityKeyIdentifier = keyid:always
  36 keyUsage               = critical, keyCertSign, cRLSign
  37
  38 [policy_anything]
  39 # Default signing policy
  40 countryName            = optional
  41 stateOrProvinceName    = optional
  42 localityName           = optional
  43 organizationName       = optional
  44 organizationalUnitName = optional
  45 commonName             = optional
  46 emailAddress           = optional
  47
  48 [req]
  49 default_bits       = 2048
  50 default_md         = sha256
  51 string_mask        = utf8only
  52 prompt             = no
  53 encrypt_key        = no
  54 distinguished_name = dn
  55
  56 [dn]
  57 CN = $ENV::CN