# http://spin.atomicobject.com/2014/05/12/openssl-commands/
[ req ]
prompt = no
default_bits = 2048
encrypt_key = no
distinguished_name = req_distinguished_name

[ca]
default_ca = CA_default

[ CA_default ]
# Directory and file locations.
dir               = "."
certs             = $dir
crl_dir           = $dir
new_certs_dir     = $dir
database          = $dir/index.txt
serial            = $dir/serial
RANDFILE          = $dir/.rand
string_mask = utf8only
default_md        = sha256

# For certificate revocation lists.
crlnumber         = $dir/crlnumber
crl               = $dir/ca.crl.pem
default_crl_days  = 30

#req_extensions = v3_req

[ req_distinguished_name ]
C=FR
ST=Ile de France
L=Paris
O=Example Fake PKI
CN=Example Fake CA

#[ v3_req ]

#basicConstraints = CA:FALSE
#keyUsage = nonRepudiation, digitalSignature, keyEncipherment