1[ca]
2default_ca = CA_default
3
4[CA_default]
5dir = ./
6database = $dir/index.txt
7new_certs_dir = ./
8serial = $dir/serial
9private_key = ./rootca.key
10certificate = ./rootca.crt
11default_days = 3650
12default_md = sha256
13policy = policy_anything
14copy_extensions = copyall
15
16[policy_anything]
17countryName = optional
18stateOrProvinceName = optional
19localityName = optional
20organizationName = optional
21organizationalUnitName = optional
22commonName = supplied
23emailAddress = optional
24
25[ req ]
26default_bits = 2048
27distinguished_name = req_distinguished_name
28req_extensions = v3_req
29
30[ req_distinguished_name ]
31countryName = Country Name (2 letter code)
32stateOrProvinceName = State or Province Name (full name)
33localityName = Locality Name (eg, city)
34organizationName = Organization Name (eg, company)
35commonName = Common Name (e.g. server FQDN or YOUR name)
36
37[ v3_req ]
38subjectAltName = @alternate_names
39
40[alternate_names]
41DNS.1 = helm.sh
42IP.1 = 127.0.0.1
View as plain text