Merge with Zash

1 files changed, 52 insertions, 0 deletions

diff --git a/certs/openssl.cnf b/certs/openssl.cnf
new file mode 100644
index 00000000..9e72abe4
--- /dev/null
+++ b/certs/openssl.cnf
@@ -0,0 +1,52 @@
+oid_section = new_oids
+
+[ new_oids ]
+
+# RFC 3920 section 5.1.1 defines this OID
+xmppAddr = 1.3.6.1.5.5.7.8.5
+
+# RFC 4985 defines this OID
+SRVName  = 1.3.6.1.5.5.7.8.7
+
+[ req ]
+
+default_bits       = 4096
+default_keyfile    = example.com.key
+distinguished_name = distinguished_name
+req_extensions     = v3_extensions
+x509_extensions    = v3_extensions
+
+# ask about the DN?
+prompt = no
+
+[ distinguished_name ]
+
+commonName             = example.com
+countryName            = UK
+localityName           = The Internet
+organizationName       = Your Organisation
+organizationalUnitName = XMPP Department
+emailAddress           = xmpp@example.com
+
+[ v3_extensions ]
+
+# for certificate requests (req_extensions)
+# and self-signed certificates (x509_extensions)
+
+basicConstraints = CA:FALSE
+keyUsage         = digitalSignature,keyEncipherment
+extendedKeyUsage = serverAuth,clientAuth
+subjectAltName   = @subject_alternative_name
+
+[ subject_alternative_name ]
+
+# See http://tools.ietf.org/html/draft-ietf-xmpp-3920bis#section-13.7.1.2 for more info.
+
+DNS.0       =                                           example.com
+otherName.0 =                             xmppAddr;UTF8:example.com
+otherName.1 =            SRVName;IA5STRING:_xmpp-client.example.com
+otherName.2 =            SRVName;IA5STRING:_xmpp-server.example.com
+
+DNS.1       =                                conference.example.com
+otherName.3 =                  xmppAddr;UTF8:conference.example.com
+otherName.4 = SRVName;IA5STRING:_xmpp-server.conference.example.com