You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
27 lines
506 B
27 lines
506 B
2 years ago
|
ca_key_types:
|
||
|
|
- { name: rsa2048, type: RSA, size: 2048 }
|
||
|
|
- { name: ecc384, type: ECC, curve: secp384r1, digest: sha384 }
|
||
|
|
|
||
|
|
ca_key_names: "{{ ca_key_types | map(attribute='name') | list }}"
|
||
|
|
|
||
|
|
ca_default_items:
|
||
|
|
- { type: ecc384 }
|
||
|
|
- { type: rsa2048 }
|
||
|
|
|
||
|
|
ca_dir: /etc/ca
|
||
|
|
|
||
|
|
ca_rp: root-
|
||
|
|
ca_ip: inter-
|
||
|
|
ca_crt_ext: crt
|
||
|
|
ca_key_ext: key
|
||
|
|
ca_csr_ext: csr
|
||
|
|
ca_pfx_ext: pfx
|
||
|
|
|
||
|
|
# when to start to reissue certs
|
||
|
|
ca_reissue_period: 8w
|
||
|
|
|
||
|
|
ca_options: {}
|
||
|
|
|
||
|
|
crl_last_update_time: +8w
|
||
|
|
crl_next_update_time: +24w
|
||
|
|
crl_dir: /opt/crl
|