# X.509 Certificate options
organization = "Koko inc."
unit = "sleeping dept."
locality = "foobar"
state = "Attiki"
country = GR
cn = "Cindy Lauper"
uid = "clauper"
dc = "name"
dc = "domain"
serial = 1234
dns_name = "localhost"
# Use -1 if there is no expiration date.
expiration_days = -1
email = "none@none.org"
signing_key
encryption_key
cert_signing_key
crl_signing_key
data_encipherment
non_repudiation
tls_www_client
tls_www_server
code_signing_key
ocsp_signing_key
time_stamping_key
email_protection_key
ipsec_ike_key
# for any purpose (must not be used in intermediate CA certificates)
key_purpose_oid = 2.5.29.37.0