xref: /aosp_15_r20/external/mbedtls/tests/data_files/test-ca.opensslconf (revision 62c56f9862f102b96d72393aff6076c951fb8148) 
1[req]
2x509_extensions = v3_ca
3distinguished_name = req_dn
4
5[req_dn]
6countryName = NL
7organizationalUnitName = PolarSSL
8commonName = PolarSSL Test CA
9
10[v3_ca]
11subjectKeyIdentifier=hash
12authorityKeyIdentifier=keyid:always,issuer:always
13basicConstraints = CA:true
14
15[no_subj_auth_id]
16subjectKeyIdentifier=none
17authorityKeyIdentifier=none
18basicConstraints = CA:true
19
20[othername_san]
21subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:hw_module_name
22
23[nonprintable_othername_san]
24subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:nonprintable_hw_module_name
25
26[unsupported_othername_san]
27subjectAltName=otherName:1.2.3.4;UTF8:some other identifier
28
29[dns_alt_names]
30subjectAltName=DNS:example.com, DNS:example.net, DNS:*.example.org
31
32[rfc822name_names]
33subjectAltName=email:[email protected],email:[email protected]
34
35[alt_names]
36DNS.1=example.com
37otherName.1=1.3.6.1.5.5.7.8.4;SEQ:hw_module_name
38DNS.2=example.net
39DNS.3=*.example.org
40
41[multiple_san]
42subjectAltName=@alt_names
43
44[ext_multi_nocn]
45basicConstraints = CA:false
46keyUsage = digitalSignature, nonRepudiation, keyEncipherment
47subjectAltName = DNS:www.shotokan-braunschweig.de,DNS:www.massimo-abate.eu,IP:192.168.1.1,IP:192.168.69.144
48
49[hw_module_name]
50hwtype = OID:1.3.6.1.4.1.17.3
51hwserial = OCT:123456
52
53[nonprintable_hw_module_name]
54hwtype = OID:1.3.6.1.4.1.17.3
55hwserial = FORMAT:HEX, OCT:3132338081008180333231
56
57[v3_any_policy_ca]
58basicConstraints = CA:true
59certificatePolicies = 2.5.29.32.0
60
61[v3_any_policy_qualifier_ca]
62basicConstraints = CA:true
63certificatePolicies = @policy_info
64
65[v3_multi_policy_ca]
66basicConstraints = CA:true
67certificatePolicies = 1.2.3.4,2.5.29.32.0
68
69[v3_unsupported_policy_ca]
70basicConstraints = CA:true
71certificatePolicies = 1.2.3.4
72
73[policy_info]
74policyIdentifier = 2.5.29.32.0
75CPS.1 ="CPS uri string"
76
77[fan_cert]
78extendedKeyUsage = 1.3.6.1.4.1.45605.1
79
80[noext_ca]
81basicConstraints = CA:true
82
83[test_ca]
84database = /dev/null
85
86[crl_ext_idp]
87issuingDistributionPoint=critical, @idpdata
88
89[crl_ext_idp_nc]
90issuingDistributionPoint=@idpdata
91
92[idpdata]
93fullname=URI:http://pki.example.com/
94
95# these IPs are the ascii values for 'abcd' and 'abcd.example.com'
96[tricky_ip_san]
97subjectAltName=IP:97.98.99.100,IP:6162:6364:2e65:7861:6d70:6c65:2e63:6f6d
98
99[csr_ext_v3_keyUsage]
100keyUsage = digitalSignature, keyEncipherment
101
102[csr_ext_v3_subjectAltName]
103subjectAltName=DNS:example.com, DNS:example.net, DNS:*.example.org
104
105[csr_ext_v3_nsCertType]
106nsCertType=server
107
108[csr_ext_v3_all]
109keyUsage = cRLSign
110subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:nonprintable_hw_module_name
111nsCertType=client
112
113[directory_name_san]
114subjectAltName=dirName:dirname_sect
115
116[two_directorynames]
117subjectAltName=dirName:dirname_sect, dirName:dirname_to_malform
118
119[dirname_sect]
120C=UK
121O=Mbed TLS
122CN=Mbed TLS directoryName SAN
123
124[dirname_to_malform]
125O=MALFORM_ME
126