####################################################################
[ CA_default ]
-dir = ./demoCA # Where everything is kept
+dir = ${ENV::ca_dir} # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
# several certs with same subject.
new_certs_dir = $dir/newcerts # default place for new certs.
-certificate = $dir/cacert.pem # The CA certificate
+certificate = $dir/ca.pem # The CA certificate
serial = $dir/serial # The current serial number
crlnumber = $dir/crlnumber # the current crl number
# must be commented out to leave a V1 CRL
crl = $dir/crl.pem # The current CRL
-private_key = $dir/private/cakey.pem# The private key
+private_key = $dir/private/ca.key # The private key
x509_extensions = usr_cert # The extensions to add to the cert
[ tsa_config1 ]
# These are used by the TSA reply generation only.
-dir = ./demoCA # TSA root directory
+dir = ${ENV::ca_dir} # TSA root directory
serial = $dir/tsaserial # The current serial number (mandatory)
crypto_device = builtin # OpenSSL engine to use for signing
signer_cert = $dir/tsacert.pem # The TSA signing certificate
# (optional)
-certs = $dir/cacert.pem # Certificate chain to include in reply
+certs = $dir/ca.pem # Certificate chain to include in reply
# (optional)
-signer_key = $dir/private/tsakey.pem # The TSA private key (optional)
+signer_key = $dir/private/tsa.key # The TSA private key (optional)
signer_digest = sha256 # Signing digest to use. (Optional)
default_policy = tsa_policy1 # Policy if request did not specify it
# (optional)
projects / server.git / commitdiff