Cert Issue — OwnCA (demo)

Issuer & profile

Issuer CA *

Profile

Key & validity

Algorithm

GOST paramset

Validity (days)

External CSR (optional)

Upload a CSR to use an externally generated key pair. Leave empty to generate the key server-side.

Subject

Common Name (CN) *

Country (C)

State (ST)

Locality (L)

Organization (O)

Organizational Unit (OU)

Subject Alternative Names

DNS names

IP addresses

Email addresses

URIs

otherName entries (one per line, openssl format)

Key Usage (OID 2.5.29.15)

Digital signature Non-repudiation Key encipherment Data encipherment Key agreement Certificate signing CRL signing Encipher only Decipher only

Mark Key Usage as critical

Extended Key Usage (OID 2.5.29.37)

Mark EKU as critical

Distribution-point overrides (blank = inherit from issuing CA)

CRL URL

AIA URL

OCSP URL

SIA URL

Delta-CRL URL

Subject / Authority Key Identifiers

Include subjectKeyIdentifier Include authorityKeyIdentifier AKI include issuer:always

Custom OID values

Add ad-hoc OIDs to embed as critical or non-critical extensions. Each row becomes one openssl line.

Extra openssl extension lines

Raw openssl.cnf extension lines, one per line. Used verbatim in the extfile.

Issue a certificate