From e72d62d2b9a932cc908d563c64e6c008821bc807 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Fri, 24 Oct 2008 21:51:17 +0000 Subject: Add some of the other RPKI profile extensions, in particular an example of a multi-URI CRLDP extension. svn path=/openssl/tests/test.conf; revision=2027 --- openssl/tests/test.conf | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) (limited to 'openssl') diff --git a/openssl/tests/test.conf b/openssl/tests/test.conf index 161eb5be..e2dc5166 100644 --- a/openssl/tests/test.conf +++ b/openssl/tests/test.conf @@ -1,7 +1,8 @@ # $Id$ [ req ] -default_bits = 1024 +default_md = sha256 +default_bits = 2048 encrypt_key = no distinguished_name = req_dn x509_extensions = req_x509_ext @@ -21,6 +22,30 @@ emailAddress = sra@hactrn.net sbgp-autonomousSysNum = @asid_ext sbgp-ipAddrBlock = @addr_ext +basicConstraints = critical,CA:true +subjectKeyIdentifier = hash +keyUsage = critical,keyCertSign,cRLSign + +subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://example.org/foo/,1.3.6.1.5.5.7.48.10;URI:rsync://example.org/foo/bar.mnf + +#crlDistributionPoints = URI:rsync://example.org/foo/bar.crl +crlDistributionPoints = crldp_ext + +certificatePolicies = critical, @certificate_policy_ext + +[ crldp_ext ] + +fullname = @crldp_URIs + +[ crldp_URIs ] + +URI.0 = rsync://example.org/foo/bar.crl +URI.1 = rsync://example.org/foo/baz.crl + +[ certificate_policy_ext ] + +policyIdentifier = 1.3.6.1.5.5.7.14.2 + [ asid_ext ] AS.0 = 1 -- cgit v1.2.3