Pascal Dreissen
2016-07-08 a481a62a13c241df0b3269f7f915789f4451d51b
commit | author | age
f52de0 1 oid_section = new_oids
MF 2
3 [ new_oids ]
4
5 # RFC 3920 section 5.1.1 defines this OID
6 xmppAddr = 1.3.6.1.5.5.7.8.5
7
8 # RFC 4985 defines this OID
9 SRVName  = 1.3.6.1.5.5.7.8.7
10
11 [ req ]
12
13 default_bits       = 4096
14 default_keyfile    = {tmpl_var name='domain'}.key
15 distinguished_name = distinguished_name
16 req_extensions     = v3_extensions
17 x509_extensions    = v3_extensions
18
19 # ask about the DN?
20 prompt = no
21
22 [ distinguished_name ]
23
24 commonName             = {tmpl_var name='domain'}
25 countryName            = {tmpl_var name='ssl_country'}
26 localityName           = {tmpl_var name='ssl_locality'}
27 organizationName       = {tmpl_var name='ssl_organisation'}
28 organizationalUnitName = {tmpl_var name='ssl_organisation_unit'}
29 emailAddress           = {tmpl_var name='ssl_email'}
30
31 [ v3_extensions ]
32
33 # for certificate requests (req_extensions)
34 # and self-signed certificates (x509_extensions)
35
36 basicConstraints = CA:FALSE
37 keyUsage         = digitalSignature,keyEncipherment
38 extendedKeyUsage = serverAuth,clientAuth
39 subjectAltName   = @subject_alternative_name
40
41 [ subject_alternative_name ]
42
43 # See http://tools.ietf.org/html/draft-ietf-xmpp-3920bis#section-13.7.1.2 for more info.
44
45 DNS.0       =                                           {tmpl_var name='domain'}
46 otherName.0 =                 xmppAddr;FORMAT:UTF8,UTF8:{tmpl_var name='domain'}
47 otherName.1 =            SRVName;IA5STRING:_xmpp-client.{tmpl_var name='domain'}
48 otherName.2 =            SRVName;IA5STRING:_xmpp-server.{tmpl_var name='domain'}
49
50 DNS.1       =                                       muc.{tmpl_var name='domain'}
51 otherName.3 =             xmppAddr;FORMAT:UTF8,UTF8:muc.{tmpl_var name='domain'}
52 otherName.4 =        SRVName;IA5STRING:_xmpp-server.muc.{tmpl_var name='domain'}
53
54 DNS.2       =                                    pubsub.{tmpl_var name='domain'}
55 otherName.5 =          xmppAddr;FORMAT:UTF8,UTF8:pubsub.{tmpl_var name='domain'}
56 otherName.6 =     SRVName;IA5STRING:_xmpp-server.pubsub.{tmpl_var name='domain'}
57
58 DNS.3       =                                      anon.{tmpl_var name='domain'}
59 otherName.7 =            xmppAddr;FORMAT:UTF8,UTF8:anon.{tmpl_var name='domain'}
60 otherName.8 =       SRVName;IA5STRING:_xmpp-server.anon.{tmpl_var name='domain'}
61
62 DNS.4       =                                      xmpp.{tmpl_var name='domain'}
63 otherName.9 =            xmppAddr;FORMAT:UTF8,UTF8:xmpp.{tmpl_var name='domain'}
64 otherName.10=       SRVName;IA5STRING:_xmpp-server.xmpp.{tmpl_var name='domain'}
65
66 DNS.5       =                                     proxy.{tmpl_var name='domain'}
67 otherName.11=           xmppAddr;FORMAT:UTF8,UTF8:proxy.{tmpl_var name='domain'}
68 otherName.12=      SRVName;IA5STRING:_xmpp-server.proxy.{tmpl_var name='domain'}
69
70 DNS.6       =                                      vjud.{tmpl_var name='domain'}
71 otherName.13=            xmppAddr;FORMAT:UTF8,UTF8:vjud.{tmpl_var name='domain'}
72 otherName.14=       SRVName;IA5STRING:_xmpp-server.vjud.{tmpl_var name='domain'}