certpath/DisabledAlgorithms/openssl.cnf

1824N/A#
2362N/A# Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
1824N/A# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
1824N/A#
1824N/A# This code is free software; you can redistribute it and/or modify it
1824N/A# under the terms of the GNU General Public License version 2 only, as
2362N/A# published by the Free Software Foundation.  Oracle designates this
1824N/A# particular file as subject to the "Classpath" exception as provided
2362N/A# by Oracle in the LICENSE file that accompanied this code.
1824N/A#
1824N/A# This code is distributed in the hope that it will be useful, but WITHOUT
1824N/A# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
1824N/A# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
1824N/A# version 2 for more details (a copy is included in the LICENSE file that
1824N/A# accompanied this code).
1824N/A#
1824N/A# You should have received a copy of the GNU General Public License version
1824N/A# 2 along with this work; if not, write to the Free Software Foundation,
1824N/A# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
1824N/A#
2362N/A# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
2362N/A# or visit www.oracle.com if you need additional information or have any
2362N/A# questions.
1824N/A#
1824N/A
1824N/A#
1824N/A# OpenSSL configuration file.
1824N/A#
1824N/A
1824N/AHOME                = .
1824N/ARANDFILE            = $ENV::HOME/.rnd
1824N/A
1824N/A[ ca ]
1824N/Adefault_ca          = CA_default
1824N/A
1824N/A[ CA_default ]
1824N/Adir                 = ./top
1824N/Acerts               = $dir/certs
1824N/Acrl_dir             = $dir/crl
1824N/Adatabase            = $dir/index.txt
1824N/Aunique_subject      = no
1824N/Anew_certs_dir       = $dir/newcerts
1824N/Acertificate         = $dir/cacert.pem
1824N/Aserial              = $dir/serial
1824N/Acrlnumber           = $dir/crlnumber
1824N/Acrl                 = $dir/crl.pem
1824N/Aprivate_key         = $dir/private/cakey.pem
1824N/ARANDFILE            = $dir/private/.rand
1824N/Ax509_extensions     = v3_ca
1824N/A
1824N/Aname_opt            = ca_default
1824N/Acert_opt            = ca_default
1824N/A
1824N/Adefault_days        = 7650
1824N/Adefault_crl_days    = 30
1824N/Adefault_md          = sha1
1824N/Apreserve            = no
1824N/A
1824N/Apolicy              = policy_anything
1824N/A
1824N/A[ ca_top ]
1824N/Adir                 = ./root
1824N/Acerts               = $dir/certs
1824N/Acrl_dir             = $dir/crl
1824N/Adatabase            = $dir/index.txt
1824N/Aunique_subject      = no
1824N/Anew_certs_dir       = $dir/newcerts
1824N/Acertificate         = $dir/cacert.pem
1824N/Aserial              = $dir/serial
1824N/Acrlnumber           = $dir/crlnumber
1824N/Acrl                 = $dir/crl.pem
1824N/Aprivate_key         = $dir/private/cakey.pem
1824N/ARANDFILE            = $dir/private/.rand
1824N/A
1824N/Ax509_extensions     = v3_ca
1824N/A
1824N/Aname_opt            = ca_default
1824N/Acert_opt            = ca_default
1824N/A
1824N/Adefault_days        = 7650
1824N/Adefault_crl_days    = 30
1824N/Adefault_md          = sha1
1824N/Apreserve            = no
1824N/A
1824N/Apolicy              = policy_anything
1824N/A
1824N/A[ ca_subca ]
1824N/Adir                 = ./subca
1824N/Acerts               = $dir/certs
1824N/Acrl_dir             = $dir/crl
1824N/Adatabase            = $dir/index.txt
1824N/Aunique_subject      = no
1824N/Anew_certs_dir       = $dir/newcerts
1824N/A
1824N/Acertificate         = $dir/cacert.pem
1824N/Aserial              = $dir/serial
1824N/Acrlnumber           = $dir/crlnumber
1824N/Acrl                 = $dir/crl.pem
1824N/Aprivate_key         = $dir/private/cakey.pem
1824N/ARANDFILE            = $dir/private/.rand
1824N/A
1824N/Ax509_extensions     = usr_cert
1824N/A
1824N/Aname_opt            = ca_default
1824N/Acert_opt            = ca_default
1824N/A
1824N/Adefault_days        = 7650
1824N/Adefault_crl_days    = 30
1824N/Adefault_md          = sha1
1824N/Apreserve            = no
1824N/A
1824N/Apolicy              = policy_anything
1824N/A
1824N/A[ policy_match ]
1824N/AcountryName         = match
1824N/AstateOrProvinceName = match
1824N/AorganizationName    = match
1824N/AorganizationalUnitName  = optional
1824N/AcommonName          = supplied
1824N/AemailAddress        = optional
1824N/A
1824N/A[ policy_anything ]
1824N/AcountryName         = optional
1824N/AstateOrProvinceName = optional
1824N/AlocalityName        = optional
1824N/AorganizationName    = optional
1824N/AorganizationalUnitName  = optional
1824N/AcommonName          = supplied
1824N/AemailAddress        = optional
1824N/A
1824N/A[ req ]
1824N/Adefault_bits        = 1024
1824N/Adefault_keyfile     = privkey.pem
1824N/Adistinguished_name  = req_distinguished_name
1824N/Aattributes          = req_attributes
1824N/Ax509_extensions     = v3_ca
1824N/A
1824N/Astring_mask = nombstr
1824N/A
1824N/A[ req_distinguished_name ]
1824N/AcountryName         = Country Name (2 letter code)
1824N/AcountryName_default = NO
1824N/AcountryName_min     = 2
1824N/AcountryName_max     = 2
1824N/A
1824N/AstateOrProvinceName = State or Province Name (full name)
1824N/AstateOrProvinceName_default  = A-State
1824N/A
1824N/AlocalityName        = Locality Name (eg, city)
1824N/A
1824N/A0.organizationName  = Organization Name (eg, company)
1824N/A0.organizationName_default   = Internet Widgits Pty Ltd
1824N/A
1824N/AorganizationalUnitName       = Organizational Unit Name (eg, section)
1824N/A
1824N/AcommonName              = Common Name (eg, YOUR name)
1824N/AcommonName_max          = 64
1824N/A
1824N/AemailAddress            = Email Address
1824N/AemailAddress_max        = 64
1824N/A
1824N/A[ req_attributes ]
1824N/AchallengePassword       = A challenge password
1824N/AchallengePassword_min   = 4
1824N/AchallengePassword_max   = 20
1824N/AunstructuredName        = An optional company name
1824N/A
1824N/A
1824N/A[ usr_cert ]
1824N/AkeyUsage                = nonRepudiation, digitalSignature, keyEncipherment
1824N/A
1824N/AsubjectKeyIdentifier    = hash
1824N/AauthorityKeyIdentifier  = keyid,issuer
1824N/A
1824N/A[ v3_req ]
1824N/AbasicConstraints        = CA:FALSE
1824N/AkeyUsage                = nonRepudiation, digitalSignature, keyEncipherment
1824N/AsubjectAltName          = email:example@openjdk.net, RID:1.2.3.4:true
1824N/A
1824N/A[ v3_ca ]
1824N/AsubjectKeyIdentifier    = hash
1824N/AauthorityKeyIdentifier  = keyid:always,issuer:always
1824N/AbasicConstraints        = critical,CA:true
1824N/AkeyUsage                = keyCertSign
1824N/A
1824N/A[ cert_issuer ]
1824N/AsubjectKeyIdentifier    = hash
1824N/AauthorityKeyIdentifier  = keyid:always,issuer:always
1824N/AbasicConstraints        = critical,CA:true
1824N/AkeyUsage                = keyCertSign
1824N/A
1824N/A
1824N/A[ crl_issuer ]
1824N/AsubjectKeyIdentifier    = hash
1824N/AauthorityKeyIdentifier  = keyid:always,issuer:always
1824N/AkeyUsage                = cRLSign
1824N/A
1824N/A
1824N/A[ crl_ext ]
1824N/AauthorityKeyIdentifier  = keyid:always,issuer:always
1824N/A
1824N/A[ ee_of_subca ]
1824N/AkeyUsage    = nonRepudiation, digitalSignature, keyEncipherment, keyAgreement
1824N/A
1824N/AsubjectKeyIdentifier    = hash
1824N/AauthorityKeyIdentifier  = keyid,issuer