Marius Cramer
2015-08-06 37b29231e47a0c4458dc1c15d98588f16f07e1e2
# Default-section key: names the section whose entries OpenSSL registers as
# additional OBJECT IDENTIFIER short names for use elsewhere in this file.
oid_section = new_oids
 
[ new_oids ]
 
# The two short names below are referenced by the otherName entries in
# [ subject_alternative_name ]; without them those lines cannot be resolved.
 
# RFC 3920 section 5.1.1 defines this OID
# (RFC 3920 has since been obsoleted by RFC 6120, which keeps the same OID.)
xmppAddr = 1.3.6.1.5.5.7.8.5
 
# RFC 4985 defines this OID
SRVName  = 1.3.6.1.5.5.7.8.7
 
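[ req ]
 
# Settings for `openssl req`: key generation plus the certificate request or
# self-signed certificate built from the sections named below.
# Every {tmpl_var ...} placeholder is replaced by the template engine before
# OpenSSL parses this file.
 
# RSA modulus size in bits for a newly generated key.
default_bits       = 4096
# Pin the signature digest explicitly. Without this key the digest is whatever
# the installed OpenSSL defaults to, and older releases may fall back to SHA-1.
# A digest option given on the command line still overrides this value.
default_md         = sha256
# Private key output file, named after the domain.
# NOTE(review): the domain value becomes part of a file name; confirm the
# caller validates it as a hostname (no path separators) and that the written
# key file gets restrictive permissions. Whether the key is stored encrypted
# depends on the invocation, which is not visible here.
default_keyfile    = {tmpl_var name='domain'}.key
# Section that supplies the subject DN fields.
distinguished_name = distinguished_name
# The same extension section is applied to certificate requests
# (req_extensions) and to self-signed certificates (x509_extensions).
req_extensions     = v3_extensions
x509_extensions    = v3_extensions
 
# ask about the DN?
# "no" makes OpenSSL take the DN values from [ distinguished_name ] as given
# instead of prompting interactively.
prompt = no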
 
[ distinguished_name ]
 
# Subject DN of the request/certificate. Because [ req ] sets "prompt = no",
# each right-hand side is used directly as the field value.
# NOTE(review): the placeholders are substituted into this file as plain text.
# A value containing a line break would add extra configuration lines, so
# confirm the code that fills the template rejects or strips control
# characters in these fields.
# countryName is expected to be a two-letter ISO 3166 country code.
commonName             = {tmpl_var name='domain'}
countryName            = {tmpl_var name='ssl_country'}
localityName           = {tmpl_var name='ssl_locality'}
organizationName       = {tmpl_var name='ssl_organisation'}
organizationalUnitName = {tmpl_var name='ssl_organisation_unit'}
emailAddress           = {tmpl_var name='ssl_email'}
 
[ v3_extensions ]
 
# for certificate requests (req_extensions)
# and self-signed certificates (x509_extensions)
 
# End-entity certificate: it must not be accepted as an issuer of other
# certificates.
basicConstraints = CA:FALSE
# Key may be used for signatures and for key transport.
keyUsage         = digitalSignature,keyEncipherment
# Both TLS roles are allowed; presumably clientAuth is included because an
# XMPP server also initiates server-to-server connections (confirm this is
# intended, otherwise serverAuth alone is the narrower choice).
extendedKeyUsage = serverAuth,clientAuth
# "@name" takes the SAN entries from the section of that name.
subjectAltName   = @subject_alternative_name
 
[ subject_alternative_name ]
 
# See http://tools.ietf.org/html/draft-ietf-xmpp-3920bis#section-13.7.1.2 for more info.
# (That draft was later published as RFC 6120.)
 
# One dNSName entry plus three otherName entries, all built from the same
# domain placeholder:
#   otherName.0 - xmppAddr, encoded as a UTF8String
#   otherName.1 - SRVName for the _xmpp-client service, encoded as IA5String
#   otherName.2 - SRVName for the _xmpp-server service, encoded as IA5String
# xmppAddr and SRVName are the short names registered in [ new_oids ].
# NOTE(review): the domain is inserted unchanged into all four entries. The
# DNS and IA5String entries can only carry ASCII, so an internationalized
# domain presumably has to arrive here in its A-label (punycode) form; verify
# against the code that fills the template.
DNS.0       =                                           {tmpl_var name='domain'}
otherName.0 =                 xmppAddr;FORMAT:UTF8,UTF8:{tmpl_var name='domain'}
otherName.1 =            SRVName;IA5STRING:_xmpp-client.{tmpl_var name='domain'}
otherName.2 =            SRVName;IA5STRING:_xmpp-server.{tmpl_var name='domain'}