sha1 public certs can no longer be loaded on Debian 10 and later
default_days = 365
default_crl_days= 30
default_days = 365
default_crl_days= 30
preserve = no
policy = policy_domtool
preserve = no
policy = policy_domtool
[ req ]
default_bits = 4096
default_keyfile = ${Domtool_Defaults::ca_dir}/private/ca-key.pem
[ req ]
default_bits = 4096
default_keyfile = ${Domtool_Defaults::ca_dir}/private/ca-key.pem
prompt = no
distinguished_name = root_ca_distinguished_name
prompt = no
distinguished_name = root_ca_distinguished_name