| | 1 | ### -*-tcl-*- |
| | 2 | |
| | 3 | set C(ca-owner) "root" |
| | 4 | set C(ca-group) "ca" |
| | 5 | |
| | 6 | set C(ca-name) { |
| | 7 | countryName "GB" |
| | 8 | stateOrProvinceName "Cambridgeshire" |
| | 9 | localityName "Cambridge" |
| | 10 | organizationName "distorted.org.uk" |
| | 11 | commonName "distorted.org.uk Certificate Authority" |
| | 12 | emailAddress "ca@distorted.org.uk" |
| | 13 | } |
| | 14 | |
| | 15 | set P(tls-client) { |
| | 16 | extensions tls-client-extensions |
| | 17 | issue-time "*-*-* 00:00:00" |
| | 18 | start-skew 1 |
| | 19 | expire-interval 32 |
| | 20 | } |
| | 21 | |
| | 22 | set P(tls-server) { |
| | 23 | extensions tls-server-extensions |
| | 24 | issue-time "*-*-* 00:00:00" |
| | 25 | start-skew 1 |
| | 26 | expire-interval 32 |
| | 27 | } |
| | 28 | |
| | 29 | set P(tls-server-longterm) { |
| | 30 | extensions tls-server-extensions |
| | 31 | issue-time "*-*-* 00:00:00" |
| | 32 | start-skew 1 |
| | 33 | expire-interval 43838 |
| | 34 | } |
| | 35 | |
| | 36 | proc update-hook {} { |
| | 37 | exec 2>@stderr rsync -av --delete-after ca.cert crl cert req publish/ |
| | 38 | exec 2>@stderr userv root publish-ca |
| | 39 | } |
~mdw / ca / blame_incremental