43 lines
1.5 KiB
INI
43 lines
1.5 KiB
INI
# OpenSSL configuration file to create a server certificate
|
|
# by Michal Trojnara 1998-2012
|
|
|
|
[ req ]
|
|
# the default key length is secure and quite fast - do not change it
|
|
default_bits = 2048
|
|
# comment out the next line to protect the private key with a passphrase
|
|
encrypt_key = no
|
|
distinguished_name = req_dn
|
|
x509_extensions = cert_type
|
|
|
|
[ req_dn ]
|
|
countryName = Country Name (2 letter code)
|
|
countryName_default = PL
|
|
countryName_min = 2
|
|
countryName_max = 2
|
|
|
|
stateOrProvinceName = State or Province Name (full name)
|
|
stateOrProvinceName_default = Mazovia Province
|
|
|
|
localityName = Locality Name (eg, city)
|
|
localityName_default = Warsaw
|
|
|
|
organizationName = Organization Name (eg, company)
|
|
organizationName_default = Stunnel Developers
|
|
|
|
organizationalUnitName = Organizational Unit Name (eg, section)
|
|
organizationalUnitName_default = Provisional CA
|
|
|
|
0.commonName = Common Name (FQDN of your server)
|
|
0.commonName_default = localhost
|
|
|
|
# To create a certificate for more than one name uncomment:
|
|
# 1.commonName = DNS alias of your server
|
|
# 2.commonName = DNS alias of your server
|
|
# ...
|
|
# See http://home.netscape.com/eng/security/ssl_2.0_certificate.html
|
|
# to see how Netscape understands commonName.
|
|
|
|
[ cert_type ]
|
|
nsCertType = server
|
|
|