fuzz/conf_corpus/4beed6b185c0a4958b7e4b5cbd272e78859c076b - boringssl - Git at Google

 # [ usr_cert ]

 # These extensions are added when 'ca' signs a request for an end entity
 # certificate

 basicConstraints=critical, CA:FALSE
 keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment

 # This will be displayed in Netscape's comment listbox.
 nsComment			= "OpenSSL Generated Certificate"

 #
 # OpenSSL configuration file to create apps directory certificates
 #

 # This definition stops the following lines choking if HOME or CN
 # is undefined.
 HOME			= .
 RANDFILE		= $ENV::HOME/.rnd
 CN			= "Not Defined"

 ####################################################################
 [ req ]
 default_bits		= 2048
 default_keyfile 	= privkey.pem
 # Don't prompt for fields: use those in section directly
 prompt			= no
 distinguished_name	= req_distinguished_name
 x509_extensions	= v3_ca	# The extensions to add to the self signed cert
 string_mask = utf8only

 # req_extensions = v3_req # The extensions to add to a certificate request

 [ req_distinguished_name ]
 countryName			= UK

 organizationName		= OpenSSL Group
 organizationalUnitName		= FOR TESTING PURPOSES ONLY
 # Take CN from environment so it can come from a script.
 commonName			= $ENV::CN

 [ usr_cert ]

 # These extensions are added when 'ca' signs a request for an end entity
 # certificate

 basicConstraints=critical, CA:FALSE
 keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment

 # This will be displayed in Netscape's comment listbox.
 nsComment			= "OpenSSL Generated Certificate"

 [ ec_cert ]

 # These extensions are added when 'ca' signs a request for an end entity
 # certificate

 basicConstraints=critical, CA:FALSE
 keyUsage=critical, nonRepudiation, digitalSignature, keyAgreement

 # This will be displayed in Netscape's comment listbox.
 nsComment			= "OpenSSL Generated Certificate"

 # PKIX recommendations harmless if included in all certificates.
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid

 [ v3_ca ]


 # Extensions for a typical CA

 # PKIX recommendation.

 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid:always
 basicConstraints = critical,CA:true
 keyUsage = critical, cRLSign, keyCertSign
	# [ usr_cert ]

	# These extensions are added when 'ca' signs a request for an end entity
	# certificate

	basicConstraints=critical, CA:FALSE
	keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment

	# This will be displayed in Netscape's comment listbox.
	nsComment = "OpenSSL Generated Certificate"

	#
	# OpenSSL configuration file to create apps directory certificates
	#

	# This definition stops the following lines choking if HOME or CN
	# is undefined.
	HOME = .
	RANDFILE = $ENV::HOME/.rnd
	CN = "Not Defined"

	####################################################################
	[ req ]
	default_bits = 2048
	default_keyfile = privkey.pem
	# Don't prompt for fields: use those in section directly
	prompt = no
	distinguished_name = req_distinguished_name
	x509_extensions = v3_ca # The extensions to add to the self signed cert
	string_mask = utf8only

	# req_extensions = v3_req # The extensions to add to a certificate request

	[ req_distinguished_name ]
	countryName = UK

	organizationName = OpenSSL Group
	organizationalUnitName = FOR TESTING PURPOSES ONLY
	# Take CN from environment so it can come from a script.
	commonName = $ENV::CN

	[ usr_cert ]

	# These extensions are added when 'ca' signs a request for an end entity
	# certificate

	basicConstraints=critical, CA:FALSE
	keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment

	# This will be displayed in Netscape's comment listbox.
	nsComment = "OpenSSL Generated Certificate"

	[ ec_cert ]

	# These extensions are added when 'ca' signs a request for an end entity
	# certificate

	basicConstraints=critical, CA:FALSE
	keyUsage=critical, nonRepudiation, digitalSignature, keyAgreement

	# This will be displayed in Netscape's comment listbox.
	nsComment = "OpenSSL Generated Certificate"

	# PKIX recommendations harmless if included in all certificates.
	subjectKeyIdentifier=hash
	authorityKeyIdentifier=keyid

	[ v3_ca ]


	# Extensions for a typical CA

	# PKIX recommendation.

	subjectKeyIdentifier=hash
	authorityKeyIdentifier=keyid:always
	basicConstraints = critical,CA:true
	keyUsage = critical, cRLSign, keyCertSign