[ req ]
distinguished_name	= req_distinguished_name
x509_extensions		= v3_ca 
[ req_distinguished_name ]
commonName		= Common Name
commonName_max		= 64
[ v3_ca ]
subjectKeyIdentifier	= hash
authorityKeyIdentifier	= keyid:always,issuer:always
basicConstraints	= CA:true
[ ca ]
default_ca		= CA_default
[ CA_default ]
dir			= @TMPDIR@
certs			= $dir/certs
crl_dir			= $dir/crl
database		= $dir/index.txt
unique_subjecta		= no  
new_certs_dir		= $dir/newcerts
certificate		= $dir/ca.crt
serial			= $dir/serial 
crl			= $dir/crl.pem 
private_key		= $dir/self.key
x509_extensions		= usr_cert
name_opt 		= ca_default
cert_opt 		= ca_default
default_days		= 365
default_crl_days	= 30
crl_extensions		= crl_ext
default_md		= sha256
preserve		= no
policy			= policy_test
[ policy_test ]
commonName		= supplied
[ usr_cert ]
basicConstraints	= CA:FALSE
subjectKeyIdentifier	= hash
authorityKeyIdentifier	= keyid,issuer:always
crlDistributionPoints	= URI:file://@TMPDIR@/crl.pem
[ crl_ext ]
authorityKeyIdentifier	= keyid:always,issuer:always