prosody
e54b8a5e35ad
certs/openssl.cnf
Software / code / prosody
File
certs/openssl.cnf @ 12446:e54b8a5e35ad 0.12
util.random: Test whether util.crand works before using it (fix #1734)
util.crand can be configured at compile time to use the Linux
getrandom() system call, available from Linux 3.17, but it is still
possible to load it with an older kernel lacking that system call, where
attempting to use it throws an ENOSYS error.
By testing for this on load we can fall back to /dev/urandom in this
case.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sat, 02 Apr 2022 16:33:27 +0200 |
| parent | 6922:e0672860d208 |
| child | 12604:bd9e006a7a74 |
line wrap: on
line source
oid_section = new_oids [ new_oids ] # RFC 6120 section 13.7.1.4. defines this OID xmppAddr = 1.3.6.1.5.5.7.8.5 # RFC 4985 defines this OID SRVName = 1.3.6.1.5.5.7.8.7 [ req ] default_bits = 4096 default_keyfile = example.com.key distinguished_name = distinguished_name req_extensions = certrequest x509_extensions = selfsigned # ask about the DN? prompt = no [ distinguished_name ] commonName = example.com countryName = GB localityName = The Internet organizationName = Your Organisation organizationalUnitName = XMPP Department emailAddress = xmpp@example.com [ certrequest ] # for certificate requests (req_extensions) basicConstraints = CA:FALSE keyUsage = digitalSignature,keyEncipherment extendedKeyUsage = serverAuth,clientAuth subjectAltName = @subject_alternative_name [ selfsigned ] # and self-signed certificates (x509_extensions) basicConstraints = CA:TRUE subjectAltName = @subject_alternative_name [ subject_alternative_name ] # See http://tools.ietf.org/html/rfc6120#section-13.7.1.2 for more info. DNS.0 = example.com otherName.0 = xmppAddr;FORMAT:UTF8,UTF8:example.com otherName.1 = SRVName;IA5STRING:_xmpp-client.example.com otherName.2 = SRVName;IA5STRING:_xmpp-server.example.com DNS.1 = conference.example.com otherName.3 = xmppAddr;FORMAT:UTF8,UTF8:conference.example.com otherName.4 = SRVName;IA5STRING:_xmpp-server.conference.example.com
