[ req ]
distinguished_name	= req_distinguished_name
x509_extensions		= v3_ca	# The extentions to add to the self signed cert

string_mask = utf8only

[ v3_ca ]

subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints = CA:true
keyUsage = cRLSign, keyCertSign

[ usr_cert ]
basicConstraints=CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment

[ usr_cert_ke ]
basicConstraints=CA:FALSE
keyUsage = nonRepudiation, keyEncipherment

[ usr_cert_ds ]
basicConstraints=CA:FALSE
keyUsage = nonRepudiation, digitalSignature


[ req_distinguished_name ]
countryName			= Country Name (2 letter code)
countryName_default		= SE
countryName_min			= 2
countryName_max			= 2

organizationalName		= Organizational Unit Name (eg, section)

commonName			= Common Name (eg, YOUR name)
commonName_max			= 64

#[ req_attributes ]
#challengePassword              = A challenge password
#challengePassword_min          = 4
#challengePassword_max          = 20