You use the configuration file to generate a certificate for the Mirage Gateway server.
Procedure
- Create a configuration file in C:\certs named server.conf.
- Add the required information to the configuration file.
Change the information in italics to match your environment.
[ ca ]
default_ca = myca
[ crl_ext ]
authorityKeyIdentifier=keyid:always
[ myca ]
dir = ./
new_certs_dir = $dir
unique_subject = no
certificate = $dir/root.cer
database = $dir/certindex
private_key = $dir/privkey.pem
serial = $dir/certserial
default_days = #ofdays
default_md = sha512
policy = myca_policy
x509_extensions = myca_extensions
crlnumber = $dir/crlnumber
default_crl_days = #ofcrldays
[ myca_policy ]
commonName = supplied
stateOrProvinceName = optional
localityName = optional
countryName = optional
emailAddress = optional
organizationName = optional
organizationalUnitName = optional
[ myca_extensions ]
basicConstraints = CA:false
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always
keyUsage = digitalSignature,keyEncipherment,dataEncipherment
extendedKeyUsage = serverAuth
# Alternative Subject Name defined in alt_names
# subjectAltName = @alt_names
[alt_names]
# if it contains dns type name, then it MUST be used and CN of subject MUST be ignored. Please refer to rfc2818 for details.
# following items as example:
#dns.1=*.miragedomain.com
#dns.2=*.example.com
#ofdays is the number of days the certificate is valid. #ofcrldays is the number of days before the next CRL.
Results
The OpenSSL configuration file for the Mirage Gateway server is created.
What to do next
Generate the certificate request.