/usr/share/pki/ca/conf/subsystemCert.profile is in pki-ca 10.6.0-1ubuntu2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 | #
# Subsystem Certificate
#
id=subsystemCert.profile
name=All Purpose SSL server cert Profile
description=This profile creates a subsystem certificate that is valid for SSL client
profileIDMapping=caSubsystemCert
profileSetIDMapping=serverCertSet
list=2,4,5,6,7
2.default.class=com.netscape.cms.profile.def.ValidityDefault
2.default.name=Validity Default
2.default.params.range=720
2.default.params.startTime=0
4.default.class=com.netscape.cms.profile.def.AuthorityKeyIdentifierExtDefault
4.default.name=Authority Key Identifier Default
5.default.class=com.netscape.cms.profile.def.AuthInfoAccessExtDefault
5.default.name=AIA Extension Default
5.default.params.authInfoAccessADEnable_0=true
5.default.params.authInfoAccessADLocationType_0=URIName
5.default.params.authInfoAccessADLocation_0=
5.default.params.authInfoAccessADMethod_0=1.3.6.1.5.5.7.48.1
5.default.params.authInfoAccessCritical=false
5.default.params.authInfoAccessNumADs=1
6.default.class=com.netscape.cms.profile.def.KeyUsageExtDefault
6.default.name=Key Usage Default
6.default.params.keyUsageCritical=true
6.default.params.keyUsageDigitalSignature=true
6.default.params.keyUsageNonRepudiation=true
6.default.params.keyUsageDataEncipherment=true
6.default.params.keyUsageKeyEncipherment=true
6.default.params.keyUsageKeyAgreement=false
6.default.params.keyUsageKeyCertSign=false
6.default.params.keyUsageCrlSign=false
6.default.params.keyUsageEncipherOnly=false
6.default.params.keyUsageDecipherOnly=false
7.default.class=com.netscape.cms.profile.def.ExtendedKeyUsageExtDefault
7.default.name=Extended Key Usage Extension Default
7.default.params.exKeyUsageCritical=false
7.default.params.exKeyUsageOIDs=1.3.6.1.5.5.7.3.2
|