# # zih-generic-req.conf # # Verwenden Sie diese Datei als Konfigurationsdatei fuer Zertifikatsantraege. # Das typische Kommando zur Erstellung eines solchen Server-Zertifikatantrags # lautet: # # openssl req -config zih-generic-req.conf -newkey rsa:4096 -sha256 -outform PEM -out certreq.pem # # # This definition stops the following lines choking if HOME isn't # defined. HOME = . RANDFILE = $ENV::HOME/.rnd #################################################################### [ req ] default_bits = 2048 default_keyfile = server-key.pem distinguished_name = req_distinguished_name attributes = req_attributes # This sets a mask for permitted string types. There are several options. # default: PrintableString, T61String, BMPString. # pkix : PrintableString, BMPString. # utf8only: only UTF8Strings. # nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). # MASK:XXXX a literal mask value. # WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings # so use this option with caution! string_mask = nombstr # Einfuegen, um v3_req Extensions, wie z.B. subjectAltName in den Zertifikatsantrag einzutragen # req_extensions = v3_req # The extensions to add to a certificate request, needs to be activated [ req_distinguished_name ] countryName = Laendername (bitte nicht aendern) countryName_default = DE countryName_min = 2 countryName_max = 2 stateOrProvinceName = Bundesland (bitte nicht aendern) stateOrProvinceName_default = Sachsen localityName = Ortsbezeichnung (bitte nicht aendern) localityName_default = Dresden 0.organizationName = Name der Organisation (bitte nicht aendern) 0.organizationName_default = Technische Universitaet Dresden 0.organizationalUnitName = 0.organizationalUnitName_default = ZIH commonName = commonName_max = 256 emailAddress = emailAddress_max = 256 # SET-ex3 = SET extension number 3 [ req_attributes ] # unstructuredName = An optional company name [ v3_req ] # Extensions to add to a certificate request basicConstraints = CA:FALSE keyUsage = nonRepudiation, digitalSignature, keyEncipherment # Einfuegen, wenn ein zusaetzlicher DNS-Name benoetigt wird. # Bei Nutzung unbedingt in Zeile 37 req_extensions aktivieren. # Bitte alle notwendigen DNS-Namen eintragen, auch den "primären" DNS. # subjectAltName = DNS:x.y.tu-dresden.de