prosody
d2d7ad2563f9

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Changeset

6902:d2d7ad2563f9

util.openssl: Separate extension sections into one for self-signed certs and one for requests
author Kim Alvefur <zash@zash.se>
date Sun, 11 Oct 2015 18:49:14 +0200
parents 6873:6dae43341b44
children 6904:633af47470c8 6906:5a60b4705bc3
files util/openssl.lua
diffstat 1 files changed, 7 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/util/openssl.lua	Sat Sep 26 19:35:56 2015 +0200
+++ b/util/openssl.lua	Sun Oct 11 18:49:14 2015 +0200
@@ -18,8 +18,8 @@
 	return setmetatable({
 		req = {
 			distinguished_name = "distinguished_name",
-			req_extensions = "v3_extensions",
-			x509_extensions = "v3_extensions",
+			req_extensions = "certrequest",
+			x509_extensions = "selfsigned",
 			prompt = "no",
 		},
 		distinguished_name = {
@@ -31,12 +31,16 @@
 			commonName = "example.com",
 			emailAddress = "xmpp@example.com",
 		},
-		v3_extensions = {
+		certrequest = {
 			basicConstraints = "CA:FALSE",
 			keyUsage = "digitalSignature,keyEncipherment",
 			extendedKeyUsage = "serverAuth,clientAuth",
 			subjectAltName = "@subject_alternative_name",
 		},
+		selfsigned = {
+			basicConstraints = "CA:TRUE",
+			subjectAltName = "@subject_alternative_name",
+		},
 		subject_alternative_name = {
 			DNS = {},
 			otherName = {},