[ ca ]
default_ca      	= CA_default            # The default ca section


[ CA_default ]


dir             	= d:\\ram\\certifyingauthority\\config
certs          	= $dir\\certs            	# Where the issued certs are kept
crl_dir        	= $dir\\crl            		# Where the issued crl are kept
database       	= $dir\\index.dat       	# database index file.
new_certs_dir   	= $dir\\newcerts         	# default place for new certs.

certificate     	= $dir\\ccaS.cer     		# The CA certificate
serial         	= $dir\\serial.txt          	# The current serial number
crl             	= $dir\\crl\\Encrypt.crl      	# The current CRL
private_key     	= A:\\ccaS.key		# The private key
RANDFILE        	= $dir\\.rand    		# private random number file

default_days    	= 365                   	# how long to certify for
default_crl_days	= 30                    	# how long before next CRL
default_md      	= md5                   	# which md to use.
preserve        	= no                    	# keep passed DN ordering
policy          	= policy_match 



# For the CA policy
[ policy_match ]
countryName            	= match
stateOrProvinceName     	= supplied
organizationName        	= supplied
organizationalUnitName  	= optional
commonName              	= supplied
emailAddress           		= optional




# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
[ policy_anything ]
countryName             	= optional
stateOrProvinceName     	= optional
localityName            	= optional
organizationName        	= optional
organizationalUnitName 		= optional
commonName              	= supplied
emailAddress            	= optional



[ req ]
default_bits            	= 2048
default_keyfile         	= privkey.pem
distinguished_name      	= req_distinguished_name
attributes              	= req_attributes
x509_extensions 			= v3_ca # The extentions to add to the self signed cert
#string_mask 			= nombstr
prompt				= no



#[ req_distinguished_name ]
countryName                     	= Country Name (2 letter code)
countryName_default             	= IN
countryName_min                 	= 2
countryName_max                 	= 2

stateOrProvinceName             	= State or Province Name (full name)
stateOrProvinceName_default  		= Some-State

localityName                    	= Locality Name (eg, city)
   
0.organizationName              	= Organization Name (eg, company)
0.organizationName_default      	= some-organization

organizationalUnitName          	= Organizational Unit Name (eg, section)

commonName                      	= Common Name (eg, YOUR name)
commonName_max                  	= 64

emailAddress                    	= Email Address
emailAddress_max                	= 40

# SET-ex3 = SET extension number 3



[ req_attributes ]
challengePassword               	= A challenge password
#challengePassword_min           	= 4
#challengePassword_max           	= 20

unstructuredName                	= An optional company name



[ usr_cert ]
basicConstraints 		= CA:FALSE
keyUsage = digitalSignature,nonRepudiation

[ usr_enccert ]
basicConstraints 		= CA:FALSE
keyUsage = dataEncipherment

[ v3_req ]
basicConstraints 		= CA:FALSE
#keyUsage = nonRepudiation, digitalSignature, keyEncipherment
keyUsage =  digitalSignature,nonRepudiation

[ v3_encreq ]
basicConstraints 		= CA:FALSE
#keyUsage = nonRepudiation, digitalSignature, keyEncipherment
keyUsage =  dataEncipherment

[ v3_ca ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints = CA:TRUE
keyUsage = digitalSignature,nonRepudiation

[ crl_ext ]

                                                                   

[ req_distinguished_name ]
countryName   =IN
stateOrProvinceName   =gjgjj
organizationName   =FH
organizationalUnitName  =fffgff
commonName    =abc
emailAddress   =gf
localityName   =bhghgj