The following shows the contents of an example
openssl.cnf configuration file:
################################################################ # openssl example configuration file. # This is mostly used for generation of certificate requests. ################################################################# [ ca ] default_ca= CA_default # The default ca section ################################################################# [ CA_default ] dir=/opt/iona/OrbixSSL1.0c/certs # Where everything is kept certs=$dir # Where the issued certs are kept crl_dir= $dir/crl # Where the issued crl are kept database= $dir/index.txt # database index file new_certs_dir= $dir/new_certs # default place for new certs certificate=$dir/CA/OrbixCA # The CA certificate serial= $dir/serial # The current serial number crl= $dir/crl.pem # The current CRL private_key= $dir/CA/OrbixCA.pk # The private key RANDFILE= $dir/.rand # private random number file default_days= 365 # how long to certify for default_crl_days= 30 # how long before next CRL default_md= md5 # which message digest to use preserve= no # keep passed DN ordering # A few different ways of specifying how closely the request should # conform to the details of the CA policy= policy_match # For the CA policy [policy_match] countryName= match stateOrProvinceName= match organizationName= match organizationalUnitName= optional commonName= supplied emailAddress= optional # For the ‘anything’ policy # At this point in time, you must list all acceptable ‘object’ # types [ policy_anything ] countryName = optional stateOrProvinceName= optional localityName= optional organizationName = optional organizationalUnitName = optional commonName= supplied emailAddress= optional [ req ] default_bits = 1024 default_keyfile= privkey.pem distinguished_name = req_distinguished_name attributes = req_attributes [ req_distinguished_name ] countryName= Country Name (2 letter code) countryName_min= 2 countryName_max = 2 stateOrProvinceName= State or Province Name (full name) localityName = Locality Name (eg, city) organizationName = Organization Name (eg, company) organizationalUnitName = Organizational Unit Name (eg, section) commonName = Common Name (eg. YOUR name) commonName_max = 64 emailAddress = Email Address emailAddress_max = 40 [ req_attributes ] challengePassword = A challenge password challengePassword_min = 4 challengePassword_max = 20 unstructuredName= An optional company name
 |  |  |
 |
