aboutsummaryrefslogtreecommitdiff
path: root/scripts/testroot.cnf
blob: 238bd8ab20640fde76b01e375efefa68e56c5c1e (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81

# $Id$
#
# Generate test root resource certificate for use with testroot.py server.

[ ca ]
default_ca		= ca_default

[ ca_default ]
certificate		= testroot.cer
serial			= testroot.serial
private_key		= testroot.key
database		= testroot.index
new_certs_dir		= /tmp
name_opt		= ca_default
cert_opt		= ca_default
default_days		= 365
default_crl_days	= 30
default_md		= sha256
preserve		= no
copy_extensions		= copy
policy			= ca_policy_anything
unique_subject		= no
x509_extensions		= ca_x509_ext
crl_extensions		= crl_x509_ext

[ ca_policy_anything ]
countryName		= optional
stateOrProvinceName	= optional
localityName		= optional
organizationName	= optional
organizationalUnitName	= optional
commonName		= supplied
emailAddress		= optional
givenName		= optional
surname			= optional

[ req ]
default_bits		= 2048
encrypt_key		= no
distinguished_name	= req_dn
req_extensions		= req_x509_ext
prompt			= no

[ req_dn ]
CN			= testroot

[ req_x509_ext ]
basicConstraints	= critical,CA:true
subjectKeyIdentifier	= hash
keyUsage		= critical,keyCertSign,cRLSign
subjectInfoAccess	= 1.3.6.1.5.5.7.48.5;URI:rsync://wombat.invalid/
sbgp-autonomousSysNum	= critical,@asid_ext
sbgp-ipAddrBlock	= critical,@addr_ext

[ ca_x509_ext ]
basicConstraints	= critical,CA:true
keyUsage		= critical,keyCertSign,cRLSign
subjectInfoAccess	= 1.3.6.1.5.5.7.48.5;URI:rsync://wombat.invalid/
sbgp-autonomousSysNum	= critical,@asid_ext
sbgp-ipAddrBlock	= critical,@addr_ext

[ crl_x509_ext ]
authorityKeyIdentifier	= keyid:always

[ asid_ext ] 

AS.0			= 64533
AS.1			= 64534-64540
AS.2			= 64544

[ addr_ext ]

IPv4.0			= 10.0.0.0/24
IPv4.1			= 10.3.0.0/24
IPv4.2			= 192.0.2.1-192.0.2.33
IPv4.3			= 192.0.2.44-192.0.2.100

IPv6.0			= 2001:db8::44-2001:db8::100
IPv6.1			= 2001:db8::a00:0/120
IPv6.2			= 2001:db8::a03:0/120
IPv6.3			= 2001:db8::10:0:44/128
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-14 14:04:11 +0000