# example ca-scripts configuration file
# see ca-scripts.conf(5) for details

# REQUIRED: CA_HOME provides the path to the root of the CA directory tree
#           this directory must exist and be writeable
#CA_HOME="/etc/ssl/ca-scripts"
CA_HOME="/tmp/ca"

# REQUIRED: CA_DOMAIN provides a template for other optional variables and
#           the filenames that are generated within the directory tree
CA_DOMAIN="example.com"

# REQUIRED: CA_DN_* configures the Distinguished Name fields present in the
#           CA certificate generated by ca-init
CA_DN_C="GB"
CA_DN_ST="London"
CA_DN_L="Example House, Mayfair"
CA_DN_O="Example Security Services Ltd."
CA_DN_OU="Example Internet Encryption Division"
CA_DN_CN="Example Security Services Root Certificate Authority"

# OPTIONAL: CA_DESC configures a single-line description for your CA
#           using the CN= or O= line from your DN is recommended
# Default value:
# CA_DESC="$CA_DN_CN"

# OPTIONAL: CA_EMAIL provides an e-mail address that is embedded into all
#           generated certificates as a point-of-contact
# Default value:
# CA_EMAIL="ca@$CA_DOMAIN"

# OPTIONAL: CA_CRT_URI and CA_CRL_URI provide locations where the CA
#           certificate and revocation lists can be found
# Default value:
# CA_CRT_URI="http://$CA_DOMAIN/ca/$CA_NAME.ca.crt"
# CA_CRL_URI="http://$CA_DOMAIN/ca/$CA_NAME.ca.crl"

# OPTIONAL: CA_DAYS, CA_CRT_DAYS and CA_CRL_DAYS set the default validity
#           period for the CA cert, certificates and revocation lists.
# Default value:
# CA_DAYS=3652
# CA_CRT_DAYS=365
# CA_CRL_DAYS=365

# OPTIONAL: CA_CRT_BITS sets the default key length for generated keys.
# Default value:
# CA_CRT_BITS=2048

# OPTIONAL: CA_CRT_TYPE sets the default type of generated certificate.
# Default value:
# CA_CRT_TYPE="server"

# OPTIONAL: CA_PATHLEN sets the maximum number of intermediate CA certificates
#           that can be in the chain of authority between the root CA and the
#           final certificate.
# Default value:
# CA_PATHLEN=0