# Certificate-authority configuration written in YAML flow style (unquoted
# keys, single-quoted strings and '#' comments, so it is not strict JSON).
# Every file path points under spec/fixtures, so this looks like test-only
# material; confirm before reusing any value in a real deployment.
certificate_authorities: {

# A single CA definition, keyed by the name test_ca.
test_ca: {
    # CA certificate and the private key that signs on its behalf.
    # No password entry is given for the key in this block.
    ca_cert: {
        cert: 'spec/fixtures/test_ca.cer',
        key: 'spec/fixtures/test_ca.key'
    },
    # OCSP signing credential: a PKCS#12 bundle with its password in clear text.
    # NOTE(review): tolerable for a throwaway fixture; a real bundle password
    # should not be committed alongside the config.
    # These two keys carry a leading colon, unlike the rest of the file;
    # presumably the loader turns them into Ruby symbols (confirm).
    ocsp_cert: {
        :pkcs12: 'spec/fixtures/test_ca_ocsp.p12',
        :password: 'r509'
    },
    # OCSP responder URL. Plain http is usual for OCSP and CRL retrieval,
    # because the responses themselves are signed.
    ocsp_location: 'URI:http://ocsp.domain.com',
    ocsp_chain: 'spec/fixtures/test_ca_ocsp_chain.txt',
    # 3600 seconds = 1 hour; presumably how far the start of an OCSP response's
    # validity is backdated to absorb clock skew (confirm against the consumer).
    ocsp_start_skew_seconds: 3600,
    # 168 hours = 7 days.
    ocsp_validity_hours: 168,
    # CRL distribution point URL.
    cdp_location: 'URI:http://crl.domain.com/test_ca.crl',
    # Both CRL entries are file paths; presumably the revocation list and the
    # running CRL number are persisted there (confirm).
    crl_list: 'spec/fixtures/test_ca_crl_list.txt',
    crl_number: 'spec/fixtures/test_ca_crl_number.txt',
    crl_validity_hours: 168, #7 days
    # NOTE(review): SHA-1 is no longer collision-resistant and current platform
    # trust stores reject it for certificate signatures. Outside of
    # legacy-compatibility tests prefer SHA256, which the inline comment lists
    # as supported.
    message_digest: 'SHA1', #SHA1, SHA256, SHA512 supported. MD5 too, but you really shouldn't use that unless you have a good reason
    # Named profiles. Each one sets basic constraints, key usage, extended key
    # usage and certificate policies.
    # The policyIdentifier arc 2.16.840.1.9999999999 and the example.com CPS URL
    # look like placeholders (confirm); only the final OID component differs
    # between profiles (1 through 6).
    profiles: {
        # TLS server profile; the only profile that defines subject rules.
        server: {
            basic_constraints: "CA:FALSE",
            key_usage: [digitalSignature,keyEncipherment],
            extended_key_usage: [serverAuth],
            certificate_policies: [ [ "policyIdentifier=2.16.840.1.9999999999.1.2.3.4.1", "CPS.1=http://example.com/cps"] ],
            # Per-field subject rules. Presumably a request must carry every
            # field marked "required" (confirm against the consumer).
            subject_item_policy: {
                CN: "required",
                O:  "required",
                OU: "optional",
                ST: "required",
                C:  "required",
                L:  "required"
            }
        },
        # TLS client-authentication profile.
        client: {
            basic_constraints: "CA:FALSE",
            key_usage: [digitalSignature,keyEncipherment],
            extended_key_usage: [clientAuth],
            certificate_policies: [ [ "policyIdentifier=2.16.840.1.9999999999.1.2.3.4.2", "CPS.1=http://example.com/cps"] ]
        },
        # S/MIME (e-mail protection) profile.
        email: {
            basic_constraints: "CA:FALSE",
            key_usage: [digitalSignature,keyEncipherment],
            extended_key_usage: [emailProtection],
            certificate_policies: [ [ "policyIdentifier=2.16.840.1.9999999999.1.2.3.4.3", "CPS.1=http://example.com/cps"] ]
        },
        # Combined profile: the same certificate is valid for both TLS server
        # and TLS client authentication.
        clientserver: {
            basic_constraints:  "CA:FALSE",
            key_usage: [digitalSignature,keyEncipherment],
            extended_key_usage: [serverAuth,clientAuth],
            certificate_policies: [ [ "policyIdentifier=2.16.840.1.9999999999.1.2.3.4.4", "CPS.1=http://example.com/cps"] ]
        },
        # Code-signing profile; key usage is limited to digitalSignature.
        codesigning: {
            basic_constraints:  "CA:FALSE",
            key_usage: [digitalSignature],
            extended_key_usage: [codeSigning],
            certificate_policies: [ [ "policyIdentifier=2.16.840.1.9999999999.1.2.3.4.5", "CPS.1=http://example.com/cps"] ]
        },
        # Timestamping profile.
        # NOTE(review): RFC 3161 expects the timeStamping EKU to be marked
        # critical; criticality is not expressed in this file, so confirm how
        # the consumer sets it.
        timestamping: {
            basic_constraints:  "CA:FALSE",
            key_usage: [digitalSignature],
            extended_key_usage: [timeStamping],
            certificate_policies: [ [ "policyIdentifier=2.16.840.1.9999999999.1.2.3.4.6", "CPS.1=http://example.com/cps"] ]
        },
        # Subordinate-CA profile: CA:TRUE with pathlen:0, so a certificate issued
        # under it can sign end-entity certificates but not further CAs.
        # No EKU and no certificate policies are set, and no subject rules are
        # defined, so nothing in this file narrows what such a CA may issue.
        # NOTE(review): whoever can request this profile obtains a CA
        # certificate; access to it should be restricted more tightly than the
        # end-entity profiles.
        subroot: {
            basic_constraints:  "CA:TRUE,pathlen:0",
            key_usage: [keyCertSign,cRLSign],
            extended_key_usage: [],
            certificate_policies: [ ]
        }
    }
}

}