From a62d94b1ab1b4e8a5c27ab9b05463a849ed973f5 Mon Sep 17 00:00:00 2001 From: "Stefan H. Holek" Date: Fri, 30 Nov 2012 15:17:59 +0100 Subject: Initial import. --- etc/email-client.conf | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 etc/email-client.conf (limited to 'etc/email-client.conf') diff --git a/etc/email-client.conf b/etc/email-client.conf new file mode 100644 index 0000000..04fdaef --- /dev/null +++ b/etc/email-client.conf @@ -0,0 +1,31 @@ +# Email client certificate request + +# This file is used by the openssl req command. Since we cannot know the DN in +# advance the user is prompted for DN information. + +[ req ] +default_bits = 2048 # RSA key size +encrypt_key = yes # Protect private key +default_md = sha1 # MD to use +utf8 = yes # Input is UTF-8 +string_mask = utf8only # Emit UTF-8 strings +prompt = yes # Prompt for DN +distinguished_name = email_dn # DN template +req_extensions = email_reqext # Desired extensions + +[ email_dn ] +0.domainComponent = "1. Domain Component (eg, com) " +1.domainComponent = "2. Domain Component (eg, company) " +2.domainComponent = "3. Domain Component (eg, pki) " +organizationName = "4. Organization Name (eg, company) " +organizationalUnitName = "5. Organizational Unit Name (eg, section) " +commonName = "6. Common Name (eg, full name)" +commonName_max = 64 +emailAddress = "7. Email Address (eg, name@fqdn)" +emailAddress_max = 40 + +[ email_reqext ] +keyUsage = critical,digitalSignature,keyEncipherment +extendedKeyUsage = emailProtection,clientAuth +subjectKeyIdentifier = hash +subjectAltName = email:copy -- cgit v1.2.3-70-g09d2