2 default_ca = CA_default
8 database = $dir/index.txt
10 certificate = $dir/ca.pem
13 private_key = $dir/ca.key
25 stateOrProvinceName = match
26 organizationName = match
27 organizationalUnitName = optional
29 emailAddress = optional
32 countryName = optional
33 stateOrProvinceName = optional
34 localityName = optional
35 organizationName = optional
36 organizationalUnitName = optional
38 emailAddress = optional
42 distinguished_name = certificate_authority
44 input_password = whatever
45 output_password = whatever
46 x509_extensions = v3_ca
48 [certificate_authority]
50 stateOrProvinceName = Radius
51 localityName = Somewhere
52 organizationName = Example Inc.
53 emailAddress = admin@example.com
54 commonName = "Example Certificate Authority"
57 subjectKeyIdentifier = hash
58 authorityKeyIdentifier = keyid:always,issuer:always
59 basicConstraints = CA:true