diff options
Diffstat (limited to 'etc/email.conf')
| -rw-r--r-- | etc/email.conf | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/etc/email.conf b/etc/email.conf new file mode 100644 index 0000000..ea26c58 --- /dev/null +++ b/etc/email.conf @@ -0,0 +1,31 @@ +# Email certificate request + +# This file is used by the openssl req command. Since we cannot know the DN in +# advance the user is prompted for DN information. + +[ req ] +default_bits = 2048 # RSA key size +encrypt_key = yes # Protect private key +default_md = sha1 # MD to use +utf8 = yes # Input is UTF-8 +string_mask = utf8only # Emit UTF-8 strings +prompt = yes # Prompt for DN +distinguished_name = email_dn # DN template +req_extensions = email_reqext # Desired extensions + +[ email_dn ] +0.domainComponent = "1. Domain Component (eg, com) " +1.domainComponent = "2. Domain Component (eg, company) " +2.domainComponent = "3. Domain Component (eg, pki) " +organizationName = "4. Organization Name (eg, company) " +organizationalUnitName = "5. Organizational Unit Name (eg, section) " +commonName = "6. Common Name (eg, full name)" +commonName_max = 64 +emailAddress = "7. Email Address (eg, name@fqdn)" +emailAddress_max = 40 + +[ email_reqext ] +keyUsage = critical,digitalSignature,keyEncipherment +extendedKeyUsage = emailProtection,clientAuth +subjectKeyIdentifier = hash +subjectAltName = email:move |