blob: f551ae8ab0b9ef71827fcbfcf3c26703ba82295a (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
# This template file specifies that the certificate is a certificate
# authority that will be used to sign other certificates, and
# certificate revocations. Set additional properties (e.g. a CRL URI)
# as appropriate.
# Certificate authority template
organization = "Example"
cn = "Your CA name here"
expiration_days = 3650
# This CA can not issue subsidiary CAs
path_len = 0
# Is a CA
ca
# Signs certificates and certificate revocation lists
cert_signing_key
crl_signing_key
# Name constraints (recommended); new in GnuTLS 3.3.x
# Setting this will allow this CA to only issue
# certificates for this domain
nc_permit_dns = "example.com"
#nc_exclude_dns = "test.example.com"
|