prosody
9b720c38fee8
certs/openssl.cnf
Software / code / prosody
File
certs/openssl.cnf @ 13264:9b720c38fee8
mod_cron: Revert bbd3ac65640d
Maybe it is better to run daily and weekly tasks 'now' on the theory
that people set these things up during times that are appropriate for
maintenance already, so the same time next day or next week might be
fine for periodic cleanup.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 30 Jul 2023 13:03:40 +0200 |
| parent | 12604:bd9e006a7a74 |
line wrap: on
line source
oid_section = new_oids [ new_oids ] # RFC 6120 section 13.7.1.4. defines this OID xmppAddr = 1.3.6.1.5.5.7.8.5 # RFC 4985 defines this OID SRVName = 1.3.6.1.5.5.7.8.7 [ req ] default_bits = 4096 default_keyfile = example.com.key distinguished_name = distinguished_name req_extensions = certrequest x509_extensions = selfsigned # ask about the DN? prompt = no [ distinguished_name ] commonName = example.com countryName = GB localityName = The Internet organizationName = Your Organisation organizationalUnitName = XMPP Department emailAddress = xmpp@example.com [ certrequest ] # for certificate requests (req_extensions) basicConstraints = CA:FALSE keyUsage = digitalSignature,keyEncipherment extendedKeyUsage = serverAuth,clientAuth subjectAltName = @subject_alternative_name [ selfsigned ] # and self-signed certificates (x509_extensions) basicConstraints = CA:TRUE subjectAltName = @subject_alternative_name [ subject_alternative_name ] # See https://www.rfc-editor.org/rfc/rfc6120.html#section-13.7.1.2 for more info. DNS.0 = example.com otherName.0 = xmppAddr;FORMAT:UTF8,UTF8:example.com otherName.1 = SRVName;IA5STRING:_xmpp-client.example.com otherName.2 = SRVName;IA5STRING:_xmpp-server.example.com DNS.1 = conference.example.com otherName.3 = xmppAddr;FORMAT:UTF8,UTF8:conference.example.com otherName.4 = SRVName;IA5STRING:_xmpp-server.conference.example.com
