#RANDFILE = /usr/local/etc/httpd/reqdir/.rand
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
dir = /Admin/plugin/plugin_cert # Where everything is kept
#dir = .
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/c_index.txt # database index file.
new_certs_dir = $dir/newcerts/server # default place for new certs.
certificate = $dir/ca_cert/cert.pem # The CA certificate
#certificate = $dir/ca_cert/hyundai-mortor-sso-ca-20030903/cacert.pem
# The CA certificate
serial = $dir/c_serial # The current serial number
crl = $dir/crl.pem # The current CRL
private_key = $dir/ca_cert/key.pem # The private key
#private_key = $dir/ca_cert/hyundai-mortor-sso-ca-20030903/priv.pem # The pr
ivate key
RANDFILE = $dir/ca_cert/.rand # private random number file
#default_days = 1825 # how long to certify for
default_days = 18250 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = md5 # which md to use.
#default_md = sha1 # which md to use.
preserve = no # keep passed DN ordering
certdb = $dir/CERTDB
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_anything
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = optional
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional