1# 2# Net-SNMP Certificate Generation and Management Tool Configuration 3# 4 5# default mode to non-interactive 6# interactive = false 7 8# location of 'tls' directory relative to configuration dir 9# tlsDir = ./tls 10 11# encryptCA = false - XXX not-implemented 12# encryptCrt = false - XXX not-implemented 13 14# default valid lifetime duration for CA certificates 15# caDays = 1825 16 17# default valid lifetime duration for certificates 18# crtDays = 365 19 20# default key types generated 21# keyType = rsa 22 23# default key size generated 24# keySize = 2048 25 26# default type of message digest used 27# msgDigest = sha1 28 29# to set individual defaults, a specific identity may be indicated 30# on the net-snmp-cert command line: '--identity <id>' or '-i <id>' 31# values defined at the global/file level will be used unless 32# overriden by values supplied in the specified identity. 33 34identity = { 35 id = nocadm 36 host = net-snmp.org 37 cn = Client-identity 38 email = admin@net-snmp.org 39 org = Net-SNMP Developers 40 orgUnit = SNMP-DTLS 41 country = US 42 state = MA 43 locality = Boston 44 45 # 10 years 46 caDays = 3654 47 # 2 years 48 crtDays = 730 49 50 subjectAltName = email:client@net-snmp.org 51 subjectAltName = URI:http://net-snmp.org 52}; 53 54identity = { 55 id = CA-identity 56 host = net-snmp.org 57 cn = CA-identity 58 email = ca-admin@net-snmp.org 59 org = Net-SNMP Developers 60 orgUnit = SNMP-DTLS 61 country = US 62 state = MA 63 locality = Boston 64 65 # 10 years 66 caDays = 1000 67 # 2 years 68 crtDays = 500 69 70 subjectAltName = DNS:test.net-snmp.org 71}; 72 73