| 1 | ### -*-tcl-*- |
| 2 | |
| 3 | set C(ca-owner) "root" |
| 4 | set C(ca-group) "ca" |
| 5 | |
| 6 | set C(ca-name) { |
| 7 | countryName "GB" |
| 8 | stateOrProvinceName "Cambridgeshire" |
| 9 | localityName "Cambridge" |
| 10 | organizationName "distorted.org.uk" |
| 11 | commonName "distorted.org.uk Certificate Authority" |
| 12 | emailAddress "ca@distorted.org.uk" |
| 13 | } |
| 14 | |
| 15 | set P(tls-client) { |
| 16 | extensions tls-client-extensions |
| 17 | issue-time "*-*-* 00:00:00" |
| 18 | start-skew 1 |
| 19 | expire-interval 32 |
| 20 | } |
| 21 | |
| 22 | set P(tls-server) { |
| 23 | extensions tls-server-extensions |
| 24 | issue-time "*-*-* 00:00:00" |
| 25 | start-skew 1 |
| 26 | expire-interval 32 |
| 27 | } |
| 28 | |
| 29 | set P(tls-server-longterm) { |
| 30 | extensions tls-server-extensions |
| 31 | issue-time "*-03-01 00:00:00" |
| 32 | start-skew 1 |
| 33 | expire-interval 43838 |
| 34 | } |
| 35 | |
| 36 | proc update-hook {} { |
| 37 | global env |
| 38 | if {![info exists env(CA_BODGE)]} { |
| 39 | exec 2>@stderr rsync -rtl --delete-delay \ |
| 40 | ca.cert crl cert req archive \ |
| 41 | sysupl-ca@stratocaster.distorted.org.uk:files/ |
| 42 | } |
| 43 | } |