1*62c56f98SSadaf Ebrahimi[req] 2*62c56f98SSadaf Ebrahimix509_extensions = v3_ca 3*62c56f98SSadaf Ebrahimidistinguished_name = req_dn 4*62c56f98SSadaf Ebrahimi 5*62c56f98SSadaf Ebrahimi[req_dn] 6*62c56f98SSadaf EbrahimicountryName = NL 7*62c56f98SSadaf EbrahimiorganizationalUnitName = PolarSSL 8*62c56f98SSadaf EbrahimicommonName = PolarSSL Test CA 9*62c56f98SSadaf Ebrahimi 10*62c56f98SSadaf Ebrahimi[v3_ca] 11*62c56f98SSadaf EbrahimisubjectKeyIdentifier=hash 12*62c56f98SSadaf EbrahimiauthorityKeyIdentifier=keyid:always,issuer:always 13*62c56f98SSadaf EbrahimibasicConstraints = CA:true 14*62c56f98SSadaf Ebrahimi 15*62c56f98SSadaf Ebrahimi[no_subj_auth_id] 16*62c56f98SSadaf EbrahimisubjectKeyIdentifier=none 17*62c56f98SSadaf EbrahimiauthorityKeyIdentifier=none 18*62c56f98SSadaf EbrahimibasicConstraints = CA:true 19*62c56f98SSadaf Ebrahimi 20*62c56f98SSadaf Ebrahimi[othername_san] 21*62c56f98SSadaf EbrahimisubjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:hw_module_name 22*62c56f98SSadaf Ebrahimi 23*62c56f98SSadaf Ebrahimi[nonprintable_othername_san] 24*62c56f98SSadaf EbrahimisubjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:nonprintable_hw_module_name 25*62c56f98SSadaf Ebrahimi 26*62c56f98SSadaf Ebrahimi[unsupported_othername_san] 27*62c56f98SSadaf EbrahimisubjectAltName=otherName:1.2.3.4;UTF8:some other identifier 28*62c56f98SSadaf Ebrahimi 29*62c56f98SSadaf Ebrahimi[dns_alt_names] 30*62c56f98SSadaf EbrahimisubjectAltName=DNS:example.com, DNS:example.net, DNS:*.example.org 31*62c56f98SSadaf Ebrahimi 32*62c56f98SSadaf Ebrahimi[rfc822name_names] 33*62c56f98SSadaf EbrahimisubjectAltName=email:[email protected],email:[email protected] 34*62c56f98SSadaf Ebrahimi 35*62c56f98SSadaf Ebrahimi[alt_names] 36*62c56f98SSadaf EbrahimiDNS.1=example.com 37*62c56f98SSadaf EbrahimiotherName.1=1.3.6.1.5.5.7.8.4;SEQ:hw_module_name 38*62c56f98SSadaf EbrahimiDNS.2=example.net 39*62c56f98SSadaf EbrahimiDNS.3=*.example.org 40*62c56f98SSadaf Ebrahimi 41*62c56f98SSadaf Ebrahimi[multiple_san] 42*62c56f98SSadaf EbrahimisubjectAltName=@alt_names 43*62c56f98SSadaf Ebrahimi 44*62c56f98SSadaf Ebrahimi[ext_multi_nocn] 45*62c56f98SSadaf EbrahimibasicConstraints = CA:false 46*62c56f98SSadaf EbrahimikeyUsage = digitalSignature, nonRepudiation, keyEncipherment 47*62c56f98SSadaf EbrahimisubjectAltName = DNS:www.shotokan-braunschweig.de,DNS:www.massimo-abate.eu,IP:192.168.1.1,IP:192.168.69.144 48*62c56f98SSadaf Ebrahimi 49*62c56f98SSadaf Ebrahimi[hw_module_name] 50*62c56f98SSadaf Ebrahimihwtype = OID:1.3.6.1.4.1.17.3 51*62c56f98SSadaf Ebrahimihwserial = OCT:123456 52*62c56f98SSadaf Ebrahimi 53*62c56f98SSadaf Ebrahimi[nonprintable_hw_module_name] 54*62c56f98SSadaf Ebrahimihwtype = OID:1.3.6.1.4.1.17.3 55*62c56f98SSadaf Ebrahimihwserial = FORMAT:HEX, OCT:3132338081008180333231 56*62c56f98SSadaf Ebrahimi 57*62c56f98SSadaf Ebrahimi[v3_any_policy_ca] 58*62c56f98SSadaf EbrahimibasicConstraints = CA:true 59*62c56f98SSadaf EbrahimicertificatePolicies = 2.5.29.32.0 60*62c56f98SSadaf Ebrahimi 61*62c56f98SSadaf Ebrahimi[v3_any_policy_qualifier_ca] 62*62c56f98SSadaf EbrahimibasicConstraints = CA:true 63*62c56f98SSadaf EbrahimicertificatePolicies = @policy_info 64*62c56f98SSadaf Ebrahimi 65*62c56f98SSadaf Ebrahimi[v3_multi_policy_ca] 66*62c56f98SSadaf EbrahimibasicConstraints = CA:true 67*62c56f98SSadaf EbrahimicertificatePolicies = 1.2.3.4,2.5.29.32.0 68*62c56f98SSadaf Ebrahimi 69*62c56f98SSadaf Ebrahimi[v3_unsupported_policy_ca] 70*62c56f98SSadaf EbrahimibasicConstraints = CA:true 71*62c56f98SSadaf EbrahimicertificatePolicies = 1.2.3.4 72*62c56f98SSadaf Ebrahimi 73*62c56f98SSadaf Ebrahimi[policy_info] 74*62c56f98SSadaf EbrahimipolicyIdentifier = 2.5.29.32.0 75*62c56f98SSadaf EbrahimiCPS.1 ="CPS uri string" 76*62c56f98SSadaf Ebrahimi 77*62c56f98SSadaf Ebrahimi[fan_cert] 78*62c56f98SSadaf EbrahimiextendedKeyUsage = 1.3.6.1.4.1.45605.1 79*62c56f98SSadaf Ebrahimi 80*62c56f98SSadaf Ebrahimi[noext_ca] 81*62c56f98SSadaf EbrahimibasicConstraints = CA:true 82*62c56f98SSadaf Ebrahimi 83*62c56f98SSadaf Ebrahimi[test_ca] 84*62c56f98SSadaf Ebrahimidatabase = /dev/null 85*62c56f98SSadaf Ebrahimi 86*62c56f98SSadaf Ebrahimi[crl_ext_idp] 87*62c56f98SSadaf EbrahimiissuingDistributionPoint=critical, @idpdata 88*62c56f98SSadaf Ebrahimi 89*62c56f98SSadaf Ebrahimi[crl_ext_idp_nc] 90*62c56f98SSadaf EbrahimiissuingDistributionPoint=@idpdata 91*62c56f98SSadaf Ebrahimi 92*62c56f98SSadaf Ebrahimi[idpdata] 93*62c56f98SSadaf Ebrahimifullname=URI:http://pki.example.com/ 94*62c56f98SSadaf Ebrahimi 95*62c56f98SSadaf Ebrahimi# these IPs are the ascii values for 'abcd' and 'abcd.example.com' 96*62c56f98SSadaf Ebrahimi[tricky_ip_san] 97*62c56f98SSadaf EbrahimisubjectAltName=IP:97.98.99.100,IP:6162:6364:2e65:7861:6d70:6c65:2e63:6f6d 98*62c56f98SSadaf Ebrahimi 99*62c56f98SSadaf Ebrahimi[csr_ext_v3_keyUsage] 100*62c56f98SSadaf EbrahimikeyUsage = digitalSignature, keyEncipherment 101*62c56f98SSadaf Ebrahimi 102*62c56f98SSadaf Ebrahimi[csr_ext_v3_subjectAltName] 103*62c56f98SSadaf EbrahimisubjectAltName=DNS:example.com, DNS:example.net, DNS:*.example.org 104*62c56f98SSadaf Ebrahimi 105*62c56f98SSadaf Ebrahimi[csr_ext_v3_nsCertType] 106*62c56f98SSadaf EbrahiminsCertType=server 107*62c56f98SSadaf Ebrahimi 108*62c56f98SSadaf Ebrahimi[csr_ext_v3_all] 109*62c56f98SSadaf EbrahimikeyUsage = cRLSign 110*62c56f98SSadaf EbrahimisubjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:nonprintable_hw_module_name 111*62c56f98SSadaf EbrahiminsCertType=client 112*62c56f98SSadaf Ebrahimi 113*62c56f98SSadaf Ebrahimi[directory_name_san] 114*62c56f98SSadaf EbrahimisubjectAltName=dirName:dirname_sect 115*62c56f98SSadaf Ebrahimi 116*62c56f98SSadaf Ebrahimi[two_directorynames] 117*62c56f98SSadaf EbrahimisubjectAltName=dirName:dirname_sect, dirName:dirname_to_malform 118*62c56f98SSadaf Ebrahimi 119*62c56f98SSadaf Ebrahimi[dirname_sect] 120*62c56f98SSadaf EbrahimiC=UK 121*62c56f98SSadaf EbrahimiO=Mbed TLS 122*62c56f98SSadaf EbrahimiCN=Mbed TLS directoryName SAN 123*62c56f98SSadaf Ebrahimi 124*62c56f98SSadaf Ebrahimi[dirname_to_malform] 125*62c56f98SSadaf EbrahimiO=MALFORM_ME 126