.include ${ENV::CA_CERT_UTIL_DIR}/ca.cnf
[leaf_cert_san]
# Extensions to add when signing a request for an leaf cert
basicConstraints = critical, CA:false
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always
extendedKeyUsage = serverAuth, clientAuth
subjectAltName = ${ENV::SAN}