- SERVICE = demo_burette
+ SERVICE = demo.burette
RANDFILE = var/sec/x509/openssl.rand
oid_section = extra_oids
[ extra_oids ]
jurisdictionOfIncorporationStateOrProvinceName = $ENV::x509_state_or_province
jurisdictionOfIncorporationCountryName = $ENV::x509_country
[ extensions ]
- basicConstraints = critical,CA:TRUE,pathlen:0
- keyUsage = keyCertSign,cRLSign,digitalSignature,keyEncipherment
- subjectAltName = email:contact+$SERVICE@$ENV::x509_host,DNS:burette.heureux-cyclage.org
+ basicConstraints = critical,CA:FALSE,pathlen:0
+ keyUsage = keyEncipherment
+ subjectAltName = email:contact+$SERVICE@$ENV::x509_host,DNS:demo.burette.heureux-cyclage.org
subjectKeyIdentifier = hash
issuerAltName = issuer:copy
authorityKeyIdentifier = keyid:always,issuer:always
[ self_signed_extensions ]
basicConstraints = critical,CA:TRUE,pathlen:0
keyUsage = keyCertSign,cRLSign,digitalSignature,keyEncipherment
- subjectAltName = email:contact+$SERVICE@$ENV::x509_host,DNS:burette.heureux-cyclage.org
+ subjectAltName = email:contact+$SERVICE@$ENV::x509_host,DNS:demo.burette.heureux-cyclage.org
subjectKeyIdentifier = hash
issuerAltName = issuer:copy
authorityKeyIdentifier = keyid:always,issuer:always