opensips-tlsmgm-module 2.2.2-3 / etc / opensips / tls / ca.conf

This file is indexed.

/etc/opensips/tls/ca.conf is in opensips-tlsmgm-module 2.2.2-3.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
#
# Default configuration to use  when one
# is not provided on the command line.
#
[ ca ]
default_ca = local_ca


#
# Default location  of  directories  and
# files needed to generate certificates.
#
[ local_ca ]
dir              = ./rootCA
certificate      = $dir/cacert.pem
database         = $dir/index.txt
new_certs_dir    = $dir/certs
private_key      = $dir/private/cakey.pem
serial           = $dir/serial


#
# Default   expiration   and  encryption
# policies for certificates.
#
default_crl_days = 365
default_days     = 1825
default_md       = sha1

policy = local_ca_policy
x509_extensions = local_ca_extensions


#
# Default policy to use  when generating
# server   certificates.  The  following
# fields  must  be defined in the server
# certificate.
#
[ local_ca_policy ]
commonName             = supplied
stateOrProvinceName    = supplied
countryName            = supplied
emailAddress           = supplied
organizationName       = supplied
organizationalUnitName = supplied


#
# x509 extensions to use when generating
# server certificates.
#
[ local_ca_extensions ]
#subjectAltName      = DNS:altname.somewhere.com
basicConstraints    = CA:false
nsCertType          = server


#
# The   default   policy   to  use  when
# generating the root certificate.
#
[ req ]
default_bits        = 2048
default_keyfile     = ./private/cakey.pem
default_md          = sha1

prompt              = no
distinguished_name  = root_ca_distinguished_name
x509_extensions     = root_ca_extensions


#
# Root  Certificate  Authority   distin-
# guished name.  Changes these fields to
# your local environment.
#
[ root_ca_distinguished_name ]
commonName          = Your_NAME          # please update
stateOrProvinceName = Your_STATE         # please update
countryName         = CO                 # please update
emailAddress        = YOUR_EMAIL         # please update
organizationName    = YOUR_ORG_NAME      # please update

[ root_ca_extensions ]
basicConstraints    = CA:true
subjectAltName      = email:copy
issuerAltName       = issuer:copy

APT Browse - Built by Thomas Orozco.