|
1 oid_section = new_oids |
|
2 |
|
3 [ new_oids ] |
|
4 |
|
5 # RFC 3920 section 5.1.1 defines this OID |
|
6 xmppAddr = 1.3.6.1.5.5.7.8.5 |
|
7 |
|
8 # RFC 4985 defines this OID |
|
9 SRVName = 1.3.6.1.5.5.7.8.7 |
|
10 |
|
11 [ req ] |
|
12 |
|
13 default_bits = 4096 |
|
14 default_keyfile = example.com.key |
|
15 distinguished_name = distinguished_name |
|
16 req_extensions = v3_extensions |
|
17 x509_extensions = v3_extensions |
|
18 |
|
19 # ask about the DN? |
|
20 prompt = no |
|
21 |
|
22 [ distinguished_name ] |
|
23 |
|
24 commonName = example.com |
|
25 countryName = UK |
|
26 localityName = The Internet |
|
27 organizationName = Your Organisation |
|
28 organizationalUnitName = XMPP Department |
|
29 emailAddress = xmpp@example.com |
|
30 |
|
31 [ v3_extensions ] |
|
32 |
|
33 # for certificate requests (req_extensions) |
|
34 # and self-signed certificates (x509_extensions) |
|
35 |
|
36 basicConstraints = CA:FALSE |
|
37 keyUsage = digitalSignature,keyEncipherment |
|
38 extendedKeyUsage = serverAuth,clientAuth |
|
39 subjectAltName = @subject_alternative_name |
|
40 |
|
41 [ subject_alternative_name ] |
|
42 |
|
43 # See http://tools.ietf.org/html/draft-ietf-xmpp-3920bis#section-13.7.1.2 for more info. |
|
44 |
|
45 DNS.0 = example.com |
|
46 otherName.0 = xmppAddr;UTF8:example.com |
|
47 otherName.1 = SRVName;IA5STRING:_xmpp-client.example.com |
|
48 otherName.2 = SRVName;IA5STRING:_xmpp-server.example.com |
|
49 |
|
50 DNS.1 = conference.example.com |
|
51 otherName.3 = xmppAddr;UTF8:conference.example.com |
|
52 otherName.4 = SRVName;IA5STRING:_xmpp-server.conference.example.com |