Mercurial Mercurial > prosody > prosody / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
certs/openssl.cnf
changeset 6925 e0672860d208
parent 5350 fba042a2c228
child 12608 bd9e006a7a74 
--- a/certs/openssl.cnf	Wed Oct 14 20:55:26 2015 +0200
+++ b/certs/openssl.cnf	Mon Nov 09 14:16:39 2015 +0100
@@ -13,8 +13,8 @@
 default_bits       = 4096
 default_keyfile    = example.com.key
 distinguished_name = distinguished_name
-req_extensions     = v3_extensions
-x509_extensions    = v3_extensions
+req_extensions     = certrequest
+x509_extensions    = selfsigned
 
 # ask about the DN?
 prompt = no
@@ -28,16 +28,22 @@
 organizationalUnitName = XMPP Department
 emailAddress           = xmpp@example.com
 
-[ v3_extensions ]
+[ certrequest ]
 
 # for certificate requests (req_extensions)
-# and self-signed certificates (x509_extensions)
 
 basicConstraints = CA:FALSE
 keyUsage         = digitalSignature,keyEncipherment
 extendedKeyUsage = serverAuth,clientAuth
 subjectAltName   = @subject_alternative_name
 
+[ selfsigned ]
+
+# and self-signed certificates (x509_extensions)
+
+basicConstraints = CA:TRUE
+subjectAltName = @subject_alternative_name
+
 [ subject_alternative_name ]
 
 # See http://tools.ietf.org/html/rfc6120#section-13.7.1.2 for more info.
prosody