HOME            = /etc/docker/ssl
RANDFILE        = $ENV::HOME/.rnd

####################################################################
[ req ]
default_bits        = 2048
default_keyfile     = $HOME/client.key
distinguished_name  = server_distinguished_name
req_extensions      = server_req_extensions
string_mask         = utf8only

####################################################################
[ server_distinguished_name ]
countryName             = Country Name (2 letter code)
countryName_default     = US

stateOrProvinceName         = State or Province Name (full name)
stateOrProvinceName_default = New York

localityName                = Locality Name (eg, city)
localityName_default        = New York City

organizationName            = Organization Name (eg, company)
organizationName_default    = Contained.AF

organizationalUnitName          = Organizational Unit (eg, division)
organizationalUnitName_default  = Tupperware Hackers

commonName              = Common Name (e.g. server FQDN or YOUR name)
commonName_default      = Contained.AF CA

emailAddress                = Email Address
emailAddress_default        = no-reply@contained.af

####################################################################
[ server_req_extensions ]

subjectKeyIdentifier    = hash
basicConstraints        = CA:FALSE
keyUsage                = digitalSignature, keyEncipherment
extendedKeyUsage 		= clientAuth
subjectAltName          = @alternate_names
nsComment               = "OpenSSL Generated Certificate"

####################################################################
[ alternate_names ]

DNS.1 = localhost
IP.1 = 127.0.0.1