# Fichiers de configuration des demandes de certificats 
# Certificate Signing Request (CSR)

[ req ]
# définitions des options pour openssl req
default_bits        = 2048
distinguished_name  = distinguished_name
string_mask         = utf8only

# Extensions à ajouter à la requete de certificat
req_extensions = x509v3_webserver

# SHA-1 is deprecated, so use SHA-2 instead.
default_md          = sha256


[ distinguished_name ]
countryName                     = Country Name (2 letter code)
countryName_default             = FR
countryName_min                 = 2
countryName_max                 = 2

stateOrProvinceName             = State or Province Name
stateOrProvinceName_default     = France

localityName                    = Locality Name
localityName_default            = Haute Garonne

0.organizationName              = Organization Name
0.organizationName_default      = Mairie de Tournefeuille

organizationalUnitName          = Organizational Unit Name
organizationalUnitName_default  = Service informatique

emailAddress                    = Email Address
emailAddress_default            = administrateur@mairie-tournefeuille.fr

commonName                      = Common Name (user name, hostname or FQDN)
commonName_max                  = 64


[ x509v3_webserver ]
basicConstraints = CA:FALSE
nsCertType = server
nsComment = "OpenSSL Generated Server Certificate"
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names

[ alt_names ]
#IP.1 = 192.168.33.123
#IP.n = x.x.x.x
DNS.1 = www.example.com
DNS.2 = 4w.example.com
#DNS.n = *.exemple.fr