File

certs/openssl.cnf @ 10067:598befab492e

mod_admin_telnet: Check for simple commands before executing in sandbox This makes fixing yield over pcall boundry issue easier since it would have jumped to the thread error handler instead of proceeding to checking for simple commands.
author Kim Alvefur <zash@zash.se>
date Fri, 10 May 2019 01:28:09 +0200
parent 6922:e0672860d208
child 12604:bd9e006a7a74
line wrap: on
line source

oid_section = new_oids

[ new_oids ]

# RFC 6120 section 13.7.1.4. defines this OID
xmppAddr = 1.3.6.1.5.5.7.8.5

# RFC 4985 defines this OID
SRVName  = 1.3.6.1.5.5.7.8.7

[ req ]

default_bits       = 4096
default_keyfile    = example.com.key
distinguished_name = distinguished_name
req_extensions     = certrequest
x509_extensions    = selfsigned

# ask about the DN?
prompt = no

[ distinguished_name ]

commonName             = example.com
countryName            = GB
localityName           = The Internet
organizationName       = Your Organisation
organizationalUnitName = XMPP Department
emailAddress           = xmpp@example.com

[ certrequest ]

# for certificate requests (req_extensions)

basicConstraints = CA:FALSE
keyUsage         = digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth,clientAuth
subjectAltName   = @subject_alternative_name

[ selfsigned ]

# and self-signed certificates (x509_extensions)

basicConstraints = CA:TRUE
subjectAltName = @subject_alternative_name

[ subject_alternative_name ]

# See http://tools.ietf.org/html/rfc6120#section-13.7.1.2 for more info.

DNS.0       =                                           example.com
otherName.0 =                 xmppAddr;FORMAT:UTF8,UTF8:example.com
otherName.1 =            SRVName;IA5STRING:_xmpp-client.example.com
otherName.2 =            SRVName;IA5STRING:_xmpp-server.example.com

DNS.1       =                                conference.example.com
otherName.3 =      xmppAddr;FORMAT:UTF8,UTF8:conference.example.com
otherName.4 = SRVName;IA5STRING:_xmpp-server.conference.example.com