Software / code / prosody
Annotate
certs/localhost.cnf @ 12473:bb85be686a01
mod_s2s: Distinguish DANE TLSA errors from generic cert chain errors
Otherwise it would just report "is not trusted" unless you inspect the
logs. This message is sent to to the remote server, and will hopefully
show up in their logs, allowing the admin to fix their DANE setup.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 25 Apr 2022 14:41:54 +0200 |
| parent | 7693:93c041d5bb0b |
| rev | line source |
|---|---|
|
5924
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 [v3_extensions] |
|
7692
90ddd53cbe08
certs/localhost.cnf: Make localhost.crt self-signed (thanks jonas)
Kim Alvefur <zash@zash.se>
parents:
5924
diff
changeset
|
2 basicConstraints = CA:TRUE |
|
5924
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 subjectAltName = @subject_alternative_name |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 [subject_alternative_name] |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 DNS.0 = localhost |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 otherName.0 = 1.3.6.1.5.5.7.8.7;IA5STRING:_xmpp-client.localhost |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 otherName.1 = 1.3.6.1.5.5.7.8.7;IA5STRING:_xmpp-server.localhost |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 otherName.2 = 1.3.6.1.5.5.7.8.5;FORMAT:UTF8,UTF8:localhost |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 [distinguished_name] |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 countryName = GB |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 organizationName = Prosody IM |
|
7359
a5a080c12c96
Update every link to the documentation to use HTTPS
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
5924
diff
changeset
|
14 organizationalUnitName = https://prosody.im/doc/certificates |
|
5924
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 commonName = Example certificate |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 [req] |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 prompt = no |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 x509_extensions = v3_extensions |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 req_extensions = v3_extensions |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 distinguished_name = distinguished_name |
|
f44c1dabd4e9
Makefile, certs: Generate example certificates on build, remove the old static one
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 |
