blob: ce3c0067e4cf2051c244828c3a083445ae73a6c4 [file] [log] [blame]
SUBJECT_NAME = req_dn
KEY_SIZE = 2048
[req]
default_bits = ${ENV::KEY_SIZE}
default_md = sha256
string_mask = utf8only
prompt = no
encrypt_key = no
distinguished_name = ${ENV::SUBJECT_NAME}
req_extensions = req_extensions
[req_dn]
C = US
ST = California
L = Mountain View
O = Test CA
CN = 127.0.0.1
[req_no_san]
basicConstraints = critical, CA:false
[req_duplicate_cn_1]
O = Foo
CN = Duplicate
[req_duplicate_cn_2]
O = Bar
CN = Duplicate
[req_intranet_dn]
CN = webmail
[req_localhost_cn]
C = US
ST = California
L = Mountain View
O = Test CA
CN = localhost
[req_self_signed_a]
C = US
ST = Michigan
L = Ann Arbor
O = Test Self-Signed
CN = SS A
[req_self_signed_b]
C = US
ST = Michigan
L = Ann Arbor
O = Test Self-Signed
CN = SS B
[req_punycode_dn]
CN = xn--wgv71a119e.com
[req_extensions]
subjectAltName = IP:127.0.0.1
[req_intranet_san]
subjectAltName = DNS:webmail
[req_extensions_with_tls_feature]
subjectAltName = IP:127.0.0.1
1.3.6.1.5.5.7.1.24=DER:30:03:02:01:05
[req_extensions_with_can_sign_http_exchanges_draft]
subjectAltName = IP:127.0.0.1
1.3.6.1.4.1.11129.2.1.22 = ASN1:NULL
[req_extensions_with_can_sign_http_exchanges_draft_invalid]
subjectAltName = IP:127.0.0.1
1.3.6.1.4.1.11129.2.1.22 = DER:30:00
[req_localhost_san]
subjectAltName = DNS:localhost
[req_punycode]
basicConstraints = critical, CA:true
subjectAltName = @punycode_san
[req_san_sanity]
basicConstraints = critical, CA:true
subjectAltName = @san_sanity
[san_sanity]
IP.1 = 127.0.0.2
IP.2 = FE80::1
DNS = test.example
email = test@test.example
otherName = 1.2.3.4;UTF8:ignore me
dirName = more_san_sanity
[req_san_example]
basicConstraints = critical, CA:true
subjectAltName = @san_example
[san_example]
DNS = www.example.com
[req_spdy_pooling]
subjectAltName = @spdy_pooling
[req_wildcard]
subjectAltName = @wildcard
[more_san_sanity]
CN=127.0.0.3
[spdy_pooling]
DNS.1 = www.example.org
DNS.2 = mail.example.org
DNS.3 = mail.example.com
[punycode_san]
DNS.1 = xn--wgv71a119e.com
DNS.2 = *.xn--wgv71a119e.com
DNS.3 = blahblahblahblah.com
[wildcard]
DNS.1 = *.example.org
[subj_rsa_no_extension]
CN = RSA-2048 no keyUsage extension
[ext_rsa_no_extension]
[subj_rsa_keyencipherment]
CN = RSA-2048 keyEncipherment
[ext_rsa_keyencipherment]
keyUsage = critical, keyEncipherment
[subj_rsa_digitalsignature]
CN = RSA-2048 digitalSignature
[ext_rsa_digitalsignature]
keyUsage = critical, digitalSignature
[subj_rsa_both]
CN = RSA-2048 keyEncipherment and digitalSignature
[ext_rsa_both]
keyUsage = critical, keyEncipherment, digitalSignature
[subj_p256_no_extension]
CN = P-256 no keyUsage extension
[ext_p256_no_extension]
[subj_p256_keyagreement]
CN = P-256 keyAgreement
[ext_p256_keyagreement]
keyUsage = critical, keyAgreement
[subj_p256_digitalsignature]
CN = P-256 digitalSignature
[ext_p256_digitalsignature]
keyUsage = critical, digitalSignature
[subj_p256_both]
CN = P-256 keyAgreement and digitalSignature
[ext_p256_both]
keyUsage = critical, keyAgreement, digitalSignature