32 lines
1.4 KiB
Plaintext
32 lines
1.4 KiB
Plaintext
# Email certificate request
|
|
|
|
# This file is used by the openssl req command. Since we cannot know the DN in
|
|
# advance the user is prompted for DN information.
|
|
|
|
[ req ]
|
|
default_bits = 2048 # RSA key size
|
|
encrypt_key = yes # Protect private key
|
|
default_md = sha256 # MD to use
|
|
utf8 = yes # Input is UTF-8
|
|
string_mask = utf8only # Emit UTF-8 strings
|
|
prompt = yes # Prompt for DN
|
|
distinguished_name = email_dn # DN template
|
|
req_extensions = email_reqext # Desired extensions
|
|
|
|
[ email_dn ]
|
|
0.domainComponent = "1. Domain Component (eg, com) "
|
|
1.domainComponent = "2. Domain Component (eg, company) "
|
|
2.domainComponent = "3. Domain Component (eg, pki) "
|
|
organizationName = "4. Organization Name (eg, company) "
|
|
organizationalUnitName = "5. Organizational Unit Name (eg, section) "
|
|
commonName = "6. Common Name (eg, full name)"
|
|
commonName_max = 64
|
|
emailAddress = "7. Email Address (eg, name@fqdn)"
|
|
emailAddress_max = 40
|
|
|
|
[ email_reqext ]
|
|
keyUsage = critical,digitalSignature,keyEncipherment
|
|
extendedKeyUsage = emailProtection,clientAuth
|
|
subjectKeyIdentifier = hash
|
|
subjectAltName = email:copy
|