1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
| -
!
-
|
|
!
| [ CA_default ]
dir = /root/privateca
certificate = $dir/ca.crt
crl_dir = $dir/ca.crl
private_key = $dir/private/ca.key
x509_extensions = v3_ca
copy_extensions = copy
default_days = 10950
default_md = sha256
email_in_dn = no
[ v3_ca ]
basicConstraints = critical, CA:true
[ req_distinguished_name ]
countryName_default = JP
stateOrProvinceName_default = Tokyo
0.organizationName_default = Paburica
[ vpn_server_cert ]
basicConstraints=critical, CA:FALSE
keyUsage = critical, digitalSignature, keyEncipherment, keyAgreement
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid, issuer
extendedKeyUsage = critical, serverAuth, 1.3.6.1.5.5.8.2.2
[ vpn_client_cert ]
basicConstraints=critical, CA:FALSE
keyUsage = critical, digitalSignature, keyEncipherment
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid, issuer
extendedKeyUsage = critical, clientAuth
crlDistributionPoints = URI:https://<CRLのURI>
|