Software /
code /
prosody
Annotate
certs/openssl.cnf @ 4258:ee445e658848
mod_legacyauth: Disallow on unencrypted connections by default, heed allow_unencrypted_plain_auth config option (thanks Maranda/Zash)
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Wed, 20 Apr 2011 18:19:28 +0100 |
parent | 3826:be89be2cab26 |
child | 4098:7d687c348295 |
rev | line source |
---|---|
3824
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 oid_section = new_oids |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 [ new_oids ] |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 # RFC 3920 section 5.1.1 defines this OID |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 xmppAddr = 1.3.6.1.5.5.7.8.5 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 # RFC 4985 defines this OID |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 SRVName = 1.3.6.1.5.5.7.8.7 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 [ req ] |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 default_bits = 4096 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 default_keyfile = example.com.key |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 distinguished_name = distinguished_name |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 req_extensions = v3_extensions |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 x509_extensions = v3_extensions |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 # ask about the DN? |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 prompt = no |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 [ distinguished_name ] |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 commonName = example.com |
3826
be89be2cab26
certs/openssl.cnf: Change countryName from UK to GB
Matthew Wild <mwild1@gmail.com>
parents:
3824
diff
changeset
|
25 countryName = GB |
3824
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 localityName = The Internet |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 organizationName = Your Organisation |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 organizationalUnitName = XMPP Department |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 emailAddress = xmpp@example.com |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 [ v3_extensions ] |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 # for certificate requests (req_extensions) |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 # and self-signed certificates (x509_extensions) |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 basicConstraints = CA:FALSE |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 keyUsage = digitalSignature,keyEncipherment |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
38 extendedKeyUsage = serverAuth,clientAuth |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
39 subjectAltName = @subject_alternative_name |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
40 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
41 [ subject_alternative_name ] |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
42 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
43 # See http://tools.ietf.org/html/draft-ietf-xmpp-3920bis#section-13.7.1.2 for more info. |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
44 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 DNS.0 = example.com |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 otherName.0 = xmppAddr;UTF8:example.com |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
47 otherName.1 = SRVName;IA5STRING:_xmpp-client.example.com |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
48 otherName.2 = SRVName;IA5STRING:_xmpp-server.example.com |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
49 |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
50 DNS.1 = conference.example.com |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
51 otherName.3 = xmppAddr;UTF8:conference.example.com |
d02bb4839ac4
certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
52 otherName.4 = SRVName;IA5STRING:_xmpp-server.conference.example.com |