#
# OpenSSL configuration file for U of Armed Forces cert requests.
#

# This definition stops the following lines choking if HOME isn't
# defined.
HOME			= .
RANDFILE		= $ENV::HOME/.rnd

[ req ]
default_bits		= 2048
default_keyfile 	= privkey.pem
distinguished_name	= req_distinguished_name
string_mask = nombstr
req_extensions = v3_req

[ req_distinguished_name ]
countryName				= Country Name
countryName_default		= DE 
countryName_min			= 2
countryName_max			= 2

0.organizationName		= Organization Name
0.organizationName_default	= GridGermany

organizationalUnitName		= Organizational Unit Name
organizationalUnitName_default	= Universitaet der Bundeswehr Muenchen

commonName			= Common Name (Your name / FQHN)
commonName_max			= 64

emailAddress			= Email Address
emailAddress_max		= 64

[ v3_req ]

nsCertType = server, client, email, objsign
nsComment			= "OpenSSL Generated Certificate"
subjectKeyIdentifier=hash
basicConstraints = critical,CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment