Each line defines an entry in the x509v3 extensions specification of the target for which the certificate will be generated. It is possible to remove one or more lines and to add new ones. Also, the current parameters can be updated. It is important to have at least a well defined basicConstraints. In case of authority, the value CA:TRUE should be defined. In case of final certificate, the value CA:FALSE should be used instead. Anyway, the details about certificates content and extensions is out of scope.
;subjectAltName=DNS:192.168.1.121,DNS:NOAH,DNS:NOAH.sophia.metrixsystems.com ;subjectKeyIdentifier=hash ;authorityKeyIdentifier=keyid,issuer:always ;keyUsage=nonRepudiation,digitalSignature,keyEncipherment basicConstraints=CA:TRUE
