Annotate

certs/openssl.cnf @ 4015:a35fa3368626

util.filters: Add remove_filter_hook()
author Matthew Wild <mwild1@gmail.com>
date Wed, 22 Dec 2010 16:46:19 +0000
parent 3826:be89be2cab26
child 4098:7d687c348295
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3824
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 oid_section = new_oids
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 [ new_oids ]
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5 # RFC 3920 section 5.1.1 defines this OID
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 xmppAddr = 1.3.6.1.5.5.7.8.5
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 # RFC 4985 defines this OID
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9 SRVName = 1.3.6.1.5.5.7.8.7
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 [ req ]
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 default_bits = 4096
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14 default_keyfile = example.com.key
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15 distinguished_name = distinguished_name
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 req_extensions = v3_extensions
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17 x509_extensions = v3_extensions
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19 # ask about the DN?
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20 prompt = no
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
22 [ distinguished_name ]
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
24 commonName = example.com
3826
be89be2cab26 certs/openssl.cnf: Change countryName from UK to GB
Matthew Wild <mwild1@gmail.com>
parents: 3824
diff changeset
25 countryName = GB
3824
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26 localityName = The Internet
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27 organizationName = Your Organisation
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28 organizationalUnitName = XMPP Department
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
29 emailAddress = xmpp@example.com
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
30
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
31 [ v3_extensions ]
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
32
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
33 # for certificate requests (req_extensions)
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
34 # and self-signed certificates (x509_extensions)
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
35
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
36 basicConstraints = CA:FALSE
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
37 keyUsage = digitalSignature,keyEncipherment
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
38 extendedKeyUsage = serverAuth,clientAuth
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
39 subjectAltName = @subject_alternative_name
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
40
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
41 [ subject_alternative_name ]
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
42
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
43 # See http://tools.ietf.org/html/draft-ietf-xmpp-3920bis#section-13.7.1.2 for more info.
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
44
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
45 DNS.0 = example.com
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
46 otherName.0 = xmppAddr;UTF8:example.com
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
47 otherName.1 = SRVName;IA5STRING:_xmpp-client.example.com
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
48 otherName.2 = SRVName;IA5STRING:_xmpp-server.example.com
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
49
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
50 DNS.1 = conference.example.com
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
51 otherName.3 = xmppAddr;UTF8:conference.example.com
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
52 otherName.4 = SRVName;IA5STRING:_xmpp-server.conference.example.com