Show/Hide Toolbars

MongoDB Notes

Navigation: Digital Certificates

Example OpenSSL Configuration File

Scroll Prev Top Next More

 

Below is an example of the OpenSSL configuration file, ca.cfg.  

 

####################################################################

[ ca ]

default_ca        = CA_default                # The default ca section

 

####################################################################

#

# This section defines the parameters for the CA.

 

[ CA_default]

dir           = \\ca

certificate   = $dir\\ca.pem

database      = $dir\\index.txt

new_certs_dir = $dir\\certs

private_key   = $dir\\private\\cakey.pem

serial        = $dir\\serial

 

default_crl_days = 7

default_days     = 365

default_md       = sha1

 

policy           = waysys_policy

x509_extensions  = certificate_extensions

copy_extensions  = copy

 

[ waysys_policy ]

commonName             = supplied

organizationalUnitName = optional

organizationName       = supplied

stateOrProvinceName    = supplied

countryName            = supplied

domainComponent        = supplied

 

[ certificate_extensions ]

basicConstraints       = CA:false

 

####################################################################

 

[ req ]

default_bits           = 2048

default_keyfile        = \\ca\\private\\cakey.pem

default_md             = sha1

 

prompt                 = no

distinguished_name     = root_ca_distinguished_name

 

x509_extensions        = root_ca_extensions

 

[ root_ca_distinguished_name ]

commonName             = CA Certificate

organizationalUnitName = Authority

organizationName       = Waysys LLC

stateOrProvinceName    = North Carolina

countryName            = US

1.domainComponent      = waysyseb

0.domainComponent      = com

 

[ root_ca_extensions ]

basicConstraints       = CA:true

 

Issues

 

When running OpenSSL in Windows 10, use double back slashes (\\) as path separators.  Do not use the forward slash (/) or a single back slash (\).