summaryrefslogtreecommitdiff
path: root/etc/email.conf
diff options
context:
space:
mode:
authorStefan H. Holek <stefan@epy.co.at>2012-12-21 21:16:09 +0100
committerErich Eckner <git@eckner.net>2019-09-02 12:03:10 +0200
commit8ff38501e1587418723d6e9ba8658cd548a476ac (patch)
treea5e9dd0d7bed2a7b455368c52d67d6e96dd07961 /etc/email.conf
parent537fb1c35ea3a0f0ed7efad138c46f02f19c5539 (diff)
downloadsimple-pki-8ff38501e1587418723d6e9ba8658cd548a476ac.tar.xz
Rename email-client.conf -> email.conf.
Diffstat (limited to 'etc/email.conf')
-rw-r--r--etc/email.conf31
1 files changed, 31 insertions, 0 deletions
diff --git a/etc/email.conf b/etc/email.conf
new file mode 100644
index 0000000..ea26c58
--- /dev/null
+++ b/etc/email.conf
@@ -0,0 +1,31 @@
+# Email certificate request
+
+# This file is used by the openssl req command. Since we cannot know the DN in
+# advance the user is prompted for DN information.
+
+[ req ]
+default_bits = 2048 # RSA key size
+encrypt_key = yes # Protect private key
+default_md = sha1 # MD to use
+utf8 = yes # Input is UTF-8
+string_mask = utf8only # Emit UTF-8 strings
+prompt = yes # Prompt for DN
+distinguished_name = email_dn # DN template
+req_extensions = email_reqext # Desired extensions
+
+[ email_dn ]
+0.domainComponent = "1. Domain Component (eg, com) "
+1.domainComponent = "2. Domain Component (eg, company) "
+2.domainComponent = "3. Domain Component (eg, pki) "
+organizationName = "4. Organization Name (eg, company) "
+organizationalUnitName = "5. Organizational Unit Name (eg, section) "
+commonName = "6. Common Name (eg, full name)"
+commonName_max = 64
+emailAddress = "7. Email Address (eg, name@fqdn)"
+emailAddress_max = 40
+
+[ email_reqext ]
+keyUsage = critical,digitalSignature,keyEncipherment
+extendedKeyUsage = emailProtection,clientAuth
+subjectKeyIdentifier = hash
+subjectAltName = email:move