forked from salrashid123/mtls_pkcs11
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathserver.conf
27 lines (23 loc) · 1008 Bytes
/
server.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# TLS server certificate request
[ default ]
SAN = DNS:yourdomain.tld # Default value
[ req ]
default_bits = 2048 # RSA key size
encrypt_key = no # Protect private key
default_md = sha1 # MD to use
prompt = yes # Prompt for DN
distinguished_name = server_dn # DN template
req_extensions = server_reqext # Desired extensions
[ server_dn ]
countryName_default = "US"
stateOrProvinceName_default = "California"
localityName_default = "Mountain View"
organizationName_default = "Google"
organizationalUnitName_default = "Enterprise"
commonName = "Common Name (eg, FQDN) "
commonName_max = 64
[ server_reqext ]
keyUsage = critical,digitalSignature
extendedKeyUsage = serverAuth
subjectKeyIdentifier = hash
subjectAltName = $ENV::SAN