-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcert.example.conf
executable file
·53 lines (40 loc) · 1.2 KB
/
cert.example.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
#!/bin/bash
# OpenSSL Related Configuration
# -----------------------------------------------
# RSA or EC key ?
export KEY_TYPE="EC"
# select curve
export KEY_EC_CURVE="secp384r1"
# RSA keysize - recommended >= 3072
export KEY_SIZE=3072
# Your Cert Params
export KEY_COUNTRY="DE"
export KEY_PROVINCE="BERLIN"
export KEY_CITY="BERLIN"
export KEY_ORG="My Company"
export KEY_EMAIL="[email protected]"
export KEY_OU="OVPN-PKI Testing"
# x509 tool settings
# -----------------------------------------------
# In how many days should the root CA key expire?
CA_EXPIRE=3650
# In how many days should certificates expire?
CRT_EXPIRE=3650
# certificate naming scheme: generic (client.crt) or based on common name (<cn>.crt)
CRT_SCHEME="cn"
# Certificate Common Name Templates
# -----------------------------------------------
# The placeholder %s is replaced by the second CLI argument
CA_COMMON_NAME="%s"
ICA_COMMON_NAME="%s"
SRV_COMMON_NAME="%s"
CLIENT_COMMON_NAME="%s"
HOST_COMMON_NAME="%s"
CODESIGNING_COMMON_NAME="%s"
SMIME_COMMON_NAME="%s"
SMIME_EMAIL_NAME="%s"
# Development or user based installation
# -----------------------------------------------
# overrides
#CONF_DIR=${BASEDIR}
#LIB_DIR=${BASEDIR}/lib