| 1 | ### -*-tcl-*- |
| 2 | |
| 3 | set C(ca-owner) "root" |
| 4 | set C(ca-group) "ca" |
| 5 | |
| 6 | set C(ca-name) { |
| 7 | countryName "GB" |
| 8 | stateOrProvinceName "Cambridgeshire" |
| 9 | localityName "Cambridge" |
| 10 | organizationName "distorted.org.uk" |
| 11 | commonName "distorted.org.uk Certificate Authority" |
| 12 | emailAddress "ca@distorted.org.uk" |
| 13 | } |
| 14 | |
| 15 | set P(tls-client) { |
| 16 | extensions tls-client-extensions |
| 17 | issue-time "*-*-* 00:00:00" |
| 18 | start-skew 1 |
| 19 | expire-interval 32 |
| 20 | } |
| 21 | |
| 22 | set P(tls-server) { |
| 23 | extensions tls-server-extensions |
| 24 | issue-time "*-*-* 00:00:00" |
| 25 | start-skew 1 |
| 26 | expire-interval 32 |
| 27 | } |
| 28 | |
| 29 | proc update-hook {} { |
| 30 | exec 2>@stderr rsync -av --delete-after ca.cert crl cert req publish/ |
| 31 | exec 2>@stderr userv root publish-ca |
| 32 | } |