prosody
64ddcbc9a328
certs/makefile
Software / code / prosody
File
certs/makefile @ 10360:64ddcbc9a328
core.stanza_router: Do strict jidprep on c2s
Be conservative in what you let your clients send, be liberal in what
you let in via s2s.
Being strict on s2s leads to interop problems and poor experiences, ie
users being ejected from MUCs if something invalid enters. By starting
with tightening up input into the network, we may be able to gradually
approach a point where no invalid JIDs are allowed.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 09 Sep 2019 22:32:01 +0200 |
| parent | 8593:c4222e36333c |
line wrap: on
line source
.DEFAULT: localhost.crt keysize=2048 # How to: # First, `make yourhost.cnf` which creates a openssl config file. # Then edit this file and fill in the details you want it to have, # and add or change hosts and components it should cover. # Then `make yourhost.key` to create your private key, you can # include keysize=number to change the size of the key. # Then you can either `make yourhost.csr` to generate a certificate # signing request that you can submit to a CA, or `make yourhost.crt` # to generate a self signed certificate. ${.TARGETS:M*.crt}: openssl req -new -x509 -newkey rsa:$(keysize) -nodes -keyout ${.TARGET:R}.key \ -days 365 -sha256 -out $@ -utf8 -subj /CN=${.TARGET:R} .SUFFIXES: .key .crt
