#
-# custom openssl configuration file
-# based on csr.sh from http://wiki.cacert.org/wiki/VhostTaskForce
+# apache2-cn openssl configuration file
#
[ req ]
-default_bits = 1024
+default_bits = 2048
default_keyfile = /var/lib/misc/HOST_privatekey.pem
distinguished_name = req_distinguished_name
prompt = no
req_extensions = v3_req
[ req_distinguished_name ]
-countryName = HR
-#stateOrProvinceName =
-#localityName =
-organizationName = DOMAIN
-#organizationalUnitName =
-commonName = HOST
-emailAddress = WEBMASTER
+countryName = HR
+organizationName = DOMAIN
+commonName = HOST
+emailAddress = WEBMASTER
[ v3_req ]
subjectAltName=DNS:HOST,DNS:www.DOMAIN,DNS:mail.DOMAIN,DNS:ldap.DOMAIN,DNS:webmail.DOMAIN