ee.cnf (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b) - OpenGrok cross reference for /aosp_15_r20/external/cronet/net/data/ssl/scripts/ee.cnf

SUBJECT_NAME = req_dn
KEY_SIZE = 2048

[req]
default_bits       = ${ENV::KEY_SIZE}
default_md         = sha256
string_mask        = utf8only
prompt             = no
encrypt_key        = no
distinguished_name = ${ENV::SUBJECT_NAME}
req_extensions     = req_extensions

[req_dn]
C  = US
ST = California
L  = Mountain View
O  = Test CA
CN = 127.0.0.1

[req_no_san]
basicConstraints = critical, CA:false

[req_duplicate_cn_1]
O  = Foo
CN = Duplicate

[req_duplicate_cn_2]
O  = Bar
CN = Duplicate

[req_localhost_cn]
C  = US
ST = California
L  = Mountain View
O  = Test CA
CN = localhost

[req_self_signed_a]
C  = US
ST = Michigan
L  = Ann Arbor
O  = Test Self-Signed
CN = SS A

[req_self_signed_b]
C  = US
ST = Michigan
L  = Ann Arbor
O  = Test Self-Signed
CN = SS B

[req_punycode_dn]
CN = xn--wgv71a119e.com

[req_ev_dn]
C = US
ST = California
L = Mountain View
O = Test Org

[req_ev_state_only_dn]
C = US
ST = California
O = Test Org

[req_extensions]
subjectAltName = IP:127.0.0.1

[req_intranet_san]
subjectAltName = DNS:webmail

[req_extensions_with_can_sign_http_exchanges_draft]
subjectAltName = IP:127.0.0.1
1.3.6.1.4.1.11129.2.1.22 = ASN1:NULL

[req_extensions_with_can_sign_http_exchanges_draft_invalid]
subjectAltName = IP:127.0.0.1
1.3.6.1.4.1.11129.2.1.22 = DER:30:00

[req_localhost_san]
subjectAltName = DNS:localhost

[req_punycode]
basicConstraints = critical, CA:true
subjectAltName   = @punycode_san

[req_san_sanity]
basicConstraints = critical, CA:true
subjectAltName   = @san_sanity

[san_sanity]
IP.1  = 127.0.0.2
IP.2  = FE80::1
DNS = test.example
email = [email protected]
otherName = 1.2.3.4;UTF8:ignore me
dirName = more_san_sanity

[req_san_example]
basicConstraints = critical, CA:true
subjectAltName   = @san_example

[san_example]
DNS = www.example.com

[req_policies_sanity]
certificatePolicies=1.2.3.4.5, @policy1

[policy1]
policyIdentifier = 1.3.5.8.12
CPS.1="http://cps.example.com/foo"
userNotice.1=@policy_user_notice
userNotice.2=@policy_user_notice2
userNotice.3=@policy_user_notice3

[policy_user_notice]
explicitText="Explicit Text Here"
organization="Organization Name"
noticeNumbers=1,2,3,4

[policy_user_notice2]
explicitText="Explicit Text Two"

[policy_user_notice3]
organization="Organization Name Two"
noticeNumbers=42

[req_spdy_pooling]
subjectAltName = @spdy_pooling

[req_wildcard]
subjectAltName = @wildcard

[req_test_names]
subjectAltName = @test_names

[more_san_sanity]
CN=127.0.0.3

[spdy_pooling]
DNS.1 = www.example.org
DNS.2 = mail.example.org
DNS.3 = mail.example.com
DNS.4 = example.test

[punycode_san]
DNS.1 = xn--wgv71a119e.com
DNS.2 = *.xn--wgv71a119e.com
DNS.3 = blahblahblahblah.com

[wildcard]
DNS.1 = *.example.org

[test_names]
DNS.1 = a.test
DNS.2 = *.a.test
DNS.3 = b.test
DNS.4 = *.b.test
DNS.5 = c.test
DNS.6 = *.c.test
DNS.7 = d.test
DNS.8 = *.d.test

[subj_rsa_no_extension]
CN = RSA-2048 no keyUsage extension
[ext_rsa_no_extension]

[subj_rsa_keyencipherment]
CN = RSA-2048 keyEncipherment
[ext_rsa_keyencipherment]
keyUsage = critical, keyEncipherment

[subj_rsa_digitalsignature]
CN = RSA-2048 digitalSignature
[ext_rsa_digitalsignature]
keyUsage = critical, digitalSignature

[subj_rsa_both]
CN = RSA-2048 keyEncipherment and digitalSignature
[ext_rsa_both]
keyUsage = critical, keyEncipherment, digitalSignature

[subj_p256_no_extension]
CN = P-256 no keyUsage extension
[ext_p256_no_extension]

[subj_p256_keyagreement]
CN = P-256 keyAgreement
[ext_p256_keyagreement]
keyUsage = critical, keyAgreement

[subj_p256_digitalsignature]
CN = P-256 digitalSignature
[ext_p256_digitalsignature]
keyUsage = critical, digitalSignature

[subj_p256_both]
CN = P-256 keyAgreement and digitalSignature
[ext_p256_both]
keyUsage = critical, keyAgreement, digitalSignature