Add cert configuration for an untrusted voms

t/conf.d/untrusted_voms.conf

+
+[ untrusted_voms ]
+
+default_bits           = 2048
+default_keyfile        = ${ENV::CA_NAME}/certs/untrusted_voms.key.pem
+distinguished_name     = untrusted_voms_dn
+prompt                 = no
+encrypt_key            = no
+default_md             = sha512
+x509_extensions        = untrusted_voms_extensions
+
+[ untrusted_voms_dn ]
+
+C                      = IT
+O                      = IGI
+CN                     = untrusted-voms.example
+
+[ untrusted_voms_extensions ]
+
+basicConstraints       = critical,CA:FALSE
+subjectKeyIdentifier   = hash
+keyUsage               = critical, digitalSignature
+extendedKeyUsage       = serverAuth, clientAuth
+authorityKeyIdentifier = keyid, issuer
+subjectAltName         = DNS:untrusted-voms.example