ca-scripts/ca-scripts.conf
2010-02-14 06:58:41 +00:00

49 lines
1.8 KiB
Text

# example ca-scripts configuration file
# REQUIRED: CA_HOME provides the path to the root of the CA directory tree
# this directory must exist and be writeable
#CA_HOME="/etc/ssl/ca"
CA_HOME="/tmp/ca"
# REQUIRED: CA_DOMAIN provides a template for other optional variables and
# the filenames that are generated within the directory tree
CA_DOMAIN="example.com"
# OPTIONAL: CA_NAME is the internal templating variable for filenames etc
# Defaults to:
# CA_NAME="$( echo $CA_DOMAIN | tr 'A-Z' 'a-z' | tr -c '-a-z0-9' '_' )"
# REQUIRED: CA_DN_* configures the Distinguished Name fields present in the
# CA certificate generated by ca-init
CA_DN_C="GB"
CA_DN_ST="London"
CA_DN_L="Example House, Mayfair"
CA_DN_O="Example Security Services Ltd."
CA_DN_OU="Example Internet Encryption Division"
CA_DN_CN="Example Security Services Root Certificate Authority"
# OPTIONAL: CA_DESC configures a single-line description for your CA
# using the CN= or O= line from your DN is recommended
# Default value:
# CA_DESC="$CA_DN_CN"
# OPTIONAL: CA_EMAIL provides an e-mail address that is embedded into all
# generated certificates as a point-of-contact
# Default value:
# CA_EMAIL="ca@$CA_DOMAIN"
# OPTIONAL: CA_CRT_URI and CA_CRL_URI provide locations where the CA
# certificate and revocation lists can be found
# Default value:
# CA_CRT_URI="http://$CA_DOMAIN/ca/$CA_NAME.ca.crt"
# CA_CRL_URI="http://$CA_DOMAIN/ca/$CA_NAME.ca.crl"
# OPTIONAL: CA_CRT_BITS sets the default key length for generated keys.
# Default value:
# CA_CRT_BITS=2048
# OPTIONAL: CA_PATHLEN sets the maximum number of intermediate CA certificates
# that can be in the chain of authority between the root CA and the
# final certificate.
# Default value:
# CA_PATHLEN=0