summaryrefslogtreecommitdiff
path: root/src/gns/gnutls_ca.cfg
diff options
context:
space:
mode:
Diffstat (limited to 'src/gns/gnutls_ca.cfg')
-rw-r--r--src/gns/gnutls_ca.cfg25
1 files changed, 25 insertions, 0 deletions
diff --git a/src/gns/gnutls_ca.cfg b/src/gns/gnutls_ca.cfg
new file mode 100644
index 000000000..f551ae8ab
--- /dev/null
+++ b/src/gns/gnutls_ca.cfg
@@ -0,0 +1,25 @@
+# This template file specifies that the certificate is a certificate
+# authority that will be used to sign other certificates, and
+# certificate revocations. Set additional properties (e.g. a CRL URI)
+# as appropriate.
+
+# Certificate authority template
+organization = "Example"
+cn = "Your CA name here"
+expiration_days = 3650
+
+# This CA can not issue subsidiary CAs
+path_len = 0
+
+# Is a CA
+ca
+
+# Signs certificates and certificate revocation lists
+cert_signing_key
+crl_signing_key
+
+# Name constraints (recommended); new in GnuTLS 3.3.x
+# Setting this will allow this CA to only issue
+# certificates for this domain
+nc_permit_dns = "example.com"
+#nc_exclude_dns = "test.example.com"