aboutsummaryrefslogtreecommitdiffstats
path: root/util
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2015-10-11 18:49:14 +0200
committerKim Alvefur <zash@zash.se>2015-10-11 18:49:14 +0200
commit0dfbace5560dc05a5ddbdb89819efdc9ae9ae0e3 (patch)
tree389056cc6e2f0722f49655ecdffd4e8b9dfb06b7 /util
parentb7b28af321e349cac16f2a9709fe9d618d5d8bf0 (diff)
downloadprosody-0dfbace5560dc05a5ddbdb89819efdc9ae9ae0e3.tar.gz
prosody-0dfbace5560dc05a5ddbdb89819efdc9ae9ae0e3.zip
util.openssl: Separate extension sections into one for self-signed certs and one for requests
Diffstat (limited to 'util')
-rw-r--r--util/openssl.lua10
1 files changed, 7 insertions, 3 deletions
diff --git a/util/openssl.lua b/util/openssl.lua
index ef3fba96..39fe99d6 100644
--- a/util/openssl.lua
+++ b/util/openssl.lua
@@ -18,8 +18,8 @@ function config.new()
return setmetatable({
req = {
distinguished_name = "distinguished_name",
- req_extensions = "v3_extensions",
- x509_extensions = "v3_extensions",
+ req_extensions = "certrequest",
+ x509_extensions = "selfsigned",
prompt = "no",
},
distinguished_name = {
@@ -31,12 +31,16 @@ function config.new()
commonName = "example.com",
emailAddress = "xmpp@example.com",
},
- v3_extensions = {
+ certrequest = {
basicConstraints = "CA:FALSE",
keyUsage = "digitalSignature,keyEncipherment",
extendedKeyUsage = "serverAuth,clientAuth",
subjectAltName = "@subject_alternative_name",
},
+ selfsigned = {
+ basicConstraints = "CA:TRUE",
+ subjectAltName = "@subject_alternative_name",
+ },
subject_alternative_name = {
DNS = {},
otherName = {},