prosody
7e9ebdc75ce4
certs/openssl.cnf

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

File

certs/openssl.cnf @ 12480:7e9ebdc75ce4

net: isolate LuaSec-specifics For this, various accessor functions are now provided directly on the sockets, which reach down into the LuaSec implementation to obtain the information. While this may seem of little gain at first, it hides the implementation detail of the LuaSec+LuaSocket combination that the actual socket and the TLS layer are separate objects. The net gain here is that an alternative implementation does not have to emulate that specific implementation detail and "only" has to expose LuaSec-compatible data structures on the new functions.
author Jonas Schäfer <jonas@wielicki.name>
date Wed, 27 Apr 2022 17:44:14 +0200
parent 6922:e0672860d208
child 12604:bd9e006a7a74
line wrap: on
line source

oid_section = new_oids

[ new_oids ]

# RFC 6120 section 13.7.1.4. defines this OID
xmppAddr = 1.3.6.1.5.5.7.8.5

# RFC 4985 defines this OID
SRVName  = 1.3.6.1.5.5.7.8.7

[ req ]

default_bits       = 4096
default_keyfile    = example.com.key
distinguished_name = distinguished_name
req_extensions     = certrequest
x509_extensions    = selfsigned

# ask about the DN?
prompt = no

[ distinguished_name ]

commonName             = example.com
countryName            = GB
localityName           = The Internet
organizationName       = Your Organisation
organizationalUnitName = XMPP Department
emailAddress           = xmpp@example.com

[ certrequest ]

# for certificate requests (req_extensions)

basicConstraints = CA:FALSE
keyUsage         = digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth,clientAuth
subjectAltName   = @subject_alternative_name

[ selfsigned ]

# and self-signed certificates (x509_extensions)

basicConstraints = CA:TRUE
subjectAltName = @subject_alternative_name

[ subject_alternative_name ]

# See http://tools.ietf.org/html/rfc6120#section-13.7.1.2 for more info.

DNS.0       =                                           example.com
otherName.0 =                 xmppAddr;FORMAT:UTF8,UTF8:example.com
otherName.1 =            SRVName;IA5STRING:_xmpp-client.example.com
otherName.2 =            SRVName;IA5STRING:_xmpp-server.example.com

DNS.1       =                                conference.example.com
otherName.3 =      xmppAddr;FORMAT:UTF8,UTF8:conference.example.com
otherName.4 = SRVName;IA5STRING:_xmpp-server.conference.example.com