[ ca ]
default_ca		= CA_default

[ CA_default ]
dir			= ./cert/
certs			= $dir
crl_dir			= $dir/crl
database		= db/index.txt
new_certs_dir		= $dir
certificate		= $dir/server.pem
serial			= db/serial
crl			= $dir/crl.pem
private_key		= $dir/server.key
RANDFILE		= $dir/.rand
name_opt		= ca_default
cert_opt		= ca_default
default_days		= 6000
default_crl_days	= 30
default_md		= sha256
preserve		= no
policy			= policy_match

[ policy_match ]
countryName		= match
stateOrProvinceName	= match
organizationName	= match
organizationalUnitName	= optional
commonName		= supplied
emailAddress		= optional

[ policy_anything ]
countryName		= optional
stateOrProvinceName	= optional
localityName		= optional
organizationName	= optional
organizationalUnitName	= optional
commonName		= supplied
emailAddress		= optional

[ req ]
prompt			= no
distinguished_name	= server
default_bits		= 2048
input_password		= whatever2020
output_password		= whatever2020

[server]
countryName             = AT
stateOrProvinceName     = Radius
localityName            = Somewhere
organizationName        = Example Inc.
emailAddress            = admin@example.org
commonName              = "Example Certificate Authority"