To create new wiki account, please join us on #znc at Libera.Chat and ask admins to create a wiki account for you. You can say thanks to spambots for this inconvenience.
OpenSSL.cnf SelfSigned
Jump to navigation
Jump to search
[default] default_md = sha512 name_opt = ca_default cert_opt = ca_default default_days = 375 policy = @policy_selfsigned [ req ] #Options from the [ req ] section are applied #when creating certificates or certificate signing requests. # Options for the `req` tool (`man req`). default_bits = 4096 distinguished_name = @req_dn string_mask = utf8only default_md = sha512 [ req_dn ] # The [ req_dn ] section declares the information # normally required in a certificate signing request. # You can optionally specify some defaults. # See <https://en.wikipedia.org/wiki/Certificate_signing_request>. countryName = Country Name (2 letter code) countryName_min = 2 countryName_max = 2 stateOrProvinceName = State or Province Name (full name) localityName = Locality Name (eg, city) organizationName = Organization Name (eg, company) organizationalUnitName = Organizational Unit Name (eg, section) commonName = Common Name (e.g. server FQDN or YOUR name) emailAddress = Email Address # Optionally, specify some defaults. countryName_default = IT stateOrProvinceName_default = Italy localityName_default = Italy organizationName_default = ZNC.in #organizationalUnitName_default = ZNC Service #commonName_default = wiki.znc.in emailAddress_default = user [at] example [dot] com [ policy_selfsigned ] # See the POLICY FORMAT section of the `ca` man page. countryName = optional stateOrProvinceName = optional localityName = optional organizationName = optional organizationalUnitName = optional commonName = optional emailAddress = optional [ usr_cert ] # We’ll apply the usr_cert extension when signing client certificates, # such as those used for remote user authentication. # Extensions for client certificates (`man x509v3_config`). basicConstraints = critical, CA:FALSE subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always, issuer:always keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment, keyAgreement extendedKeyUsage = critical, clientAuth, emailProtection, codeSigning [ server_cert ] # We’ll apply the server_cert extension when signing server certificates, # such as those used for web servers. # Extensions for server certificates (`man x509v3_config`). basicConstraints = critical, CA:FALSE subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always, issuer:always keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment, keyAgreement extendedKeyUsage = critical, serverAuth