###--------------------------------------------------------------------------
### Defaults.
-RANDFILE = /dev/urandom
+RANDFILE = /dev/random
db_suffix =
###--------------------------------------------------------------------------
[tls-client-extensions]
basicConstraints = critical, CA:FALSE
-keyUsage = critical, digitalSignature
+keyUsage = critical, digitalSignature, keyEncipherment
extendedKeyUsage = clientAuth
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always