[ ca ]
default_ca	= CA_default		# The default ca section

####################################################################
[ CA_default ]
dir             = ./db
certs           = ./db
new_certs_dir   = ./db/ca.db.certs
database        = ./db/ca.db.index
serial          = ./db/ca.db.serial
certificate     = ./certificats/ca.crt
private_key     = ./certificats/ca.key
default_days    = 3000
default_crl_days = 30
default_md      = sha256
preserve        = no
distinguished_name = req_distinguished_name
policy = generic_policy


 [ req ]
 distinguished_name     = req_noms_distingues
 policy = generic_policy
 req_extensions = v3_req

 [ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names

[alt_names]
DNS.1 = DNSCHANGEME
IP.1 = 0.0.0.0



[ req_noms_distingues ]
organizationName = Organizationnal Name
organizationalUnitName = Organizational Unit Name (department, division) 
emailAddress = Email Address 
emailAddress_max = 40 
localityName = Locality Name (city, district) 
stateOrProvinceName = State or Province Name (full name) 
countryName = Country Name (2 letter code) 
countryName_min = 2 
countryName_max = 2 
commonName = Common Name (hostname, IP, or your name) 
commonName_max = 64 


countryName_default    = FR
organizationName_default   = IMAO-SAS Certificate authority
localityName_default   = Limoges
stateOrProvinceName_default = Limousin
organizationalUnitName_default = Information Technology
emailAddress_default = it@imao-fr.com
commonName_default = Root Certificate


[ generic_policy ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional