# OpenSSL configuration file to create a server certificate
# by Michal Trojnara 1998-2012

[ req ]
# the default key length is secure and quite fast - do not change it
default_bits                    = 2048
# comment out the next line to protect the private key with a passphrase
encrypt_key                     = no
distinguished_name              = req_dn
x509_extensions                 = cert_type

[ req_dn ]
countryName = Country Name (2 letter code)
countryName_default             = PL
countryName_min                 = 2
countryName_max                 = 2

stateOrProvinceName             = State or Province Name (full name)
stateOrProvinceName_default     = Mazovia Province

localityName                    = Locality Name (eg, city)
localityName_default            = Warsaw

organizationName                = Organization Name (eg, company)
organizationName_default        = Stunnel Developers

organizationalUnitName          = Organizational Unit Name (eg, section)
organizationalUnitName_default  = Provisional CA

0.commonName                    = Common Name (FQDN of your server)
0.commonName_default            = localhost

# To create a certificate for more than one name uncomment:
# 1.commonName                  = DNS alias of your server
# 2.commonName                  = DNS alias of your server
# ...
# See http://home.netscape.com/eng/security/ssl_2.0_certificate.html
# to see how Netscape understands commonName.

[ cert_type ]
nsCertType                      = server