1*6777b538SAndroid Build Coastguard WorkerID=1 2*6777b538SAndroid Build Coastguard WorkerCA_DIR=out 3*6777b538SAndroid Build Coastguard Worker 4*6777b538SAndroid Build Coastguard Worker[ca] 5*6777b538SAndroid Build Coastguard Workerdefault_ca = ca_settings 6*6777b538SAndroid Build Coastguard Workerpreserve = yes 7*6777b538SAndroid Build Coastguard Worker 8*6777b538SAndroid Build Coastguard Worker[ca_settings] 9*6777b538SAndroid Build Coastguard Workerdir = ${ENV::CA_DIR} 10*6777b538SAndroid Build Coastguard Workerdatabase = $dir/${ENV::ID}-index.txt 11*6777b538SAndroid Build Coastguard Workernew_certs_dir = $dir 12*6777b538SAndroid Build Coastguard Workerserial = $dir/${ENV::ID}-serial 13*6777b538SAndroid Build Coastguard Workercertificate = $dir/${ENV::ID}.pem 14*6777b538SAndroid Build Coastguard Workerprivate_key = $dir/${ENV::ID}.key 15*6777b538SAndroid Build Coastguard WorkerRANDFILE = $dir/rand 16*6777b538SAndroid Build Coastguard Workerdefault_md = sha256 17*6777b538SAndroid Build Coastguard Workerdefault_days = 3650 18*6777b538SAndroid Build Coastguard Workerpolicy = policy_anything 19*6777b538SAndroid Build Coastguard Workerunique_subject = no 20*6777b538SAndroid Build Coastguard Workercopy_extensions = copy 21*6777b538SAndroid Build Coastguard Worker 22*6777b538SAndroid Build Coastguard Worker[policy_anything] 23*6777b538SAndroid Build Coastguard Worker# Default signing policy 24*6777b538SAndroid Build Coastguard WorkercountryName = optional 25*6777b538SAndroid Build Coastguard WorkerstateOrProvinceName = optional 26*6777b538SAndroid Build Coastguard WorkerlocalityName = optional 27*6777b538SAndroid Build Coastguard WorkerorganizationName = optional 28*6777b538SAndroid Build Coastguard WorkerorganizationalUnitName = optional 29*6777b538SAndroid Build Coastguard WorkercommonName = optional 30*6777b538SAndroid Build Coastguard WorkeremailAddress = optional 31*6777b538SAndroid Build Coastguard Worker 32*6777b538SAndroid Build Coastguard Worker[req] 33*6777b538SAndroid Build Coastguard Workerdefault_bits = 2048 34*6777b538SAndroid Build Coastguard Workerdefault_md = sha256 35*6777b538SAndroid Build Coastguard Workerstring_mask = utf8only 36*6777b538SAndroid Build Coastguard Workerprompt = no 37*6777b538SAndroid Build Coastguard Workerencrypt_key = no 38*6777b538SAndroid Build Coastguard Workerdistinguished_name = req_env_dn 39*6777b538SAndroid Build Coastguard Worker 40*6777b538SAndroid Build Coastguard Worker[user_cert] 41*6777b538SAndroid Build Coastguard Worker# Extensions to add when signing a request for an EE cert 42*6777b538SAndroid Build Coastguard WorkerbasicConstraints = critical, CA:false 43*6777b538SAndroid Build Coastguard WorkerextendedKeyUsage = serverAuth,clientAuth 44*6777b538SAndroid Build Coastguard Worker 45*6777b538SAndroid Build Coastguard Worker[san_user_cert] 46*6777b538SAndroid Build Coastguard WorkersubjectAltName = email:[email protected],otherName:msUPN;UTF8:[email protected] 47*6777b538SAndroid Build Coastguard Worker 48*6777b538SAndroid Build Coastguard Worker[ca_cert] 49*6777b538SAndroid Build Coastguard Worker# Extensions to add when signing a request for an intermediate/CA cert 50*6777b538SAndroid Build Coastguard WorkerbasicConstraints = critical, CA:true 51*6777b538SAndroid Build Coastguard WorkerkeyUsage = critical, keyCertSign, cRLSign 52*6777b538SAndroid Build Coastguard Worker 53*6777b538SAndroid Build Coastguard Worker[req_env_dn] 54*6777b538SAndroid Build Coastguard WorkerCN = ${ENV::COMMON_NAME} 55