summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/libssl/x509v3.cnf7
1 files changed, 7 insertions, 0 deletions
diff --git a/src/lib/libssl/x509v3.cnf b/src/lib/libssl/x509v3.cnf
index f1e3c741bc..e430088671 100644
--- a/src/lib/libssl/x509v3.cnf
+++ b/src/lib/libssl/x509v3.cnf
@@ -2,6 +2,7 @@
2CERTPATHLEN = 1 2CERTPATHLEN = 1
3CERTUSAGE = digitalSignature,keyCertSign 3CERTUSAGE = digitalSignature,keyCertSign
4CERTIP = 0.0.0.0 4CERTIP = 0.0.0.0
5CERTFQDN = nohost.nodomain
5 6
6# This section should be referenced when building an x509v3 CA 7# This section should be referenced when building an x509v3 CA
7# Certificate. 8# Certificate.
@@ -17,3 +18,9 @@ keyUsage=$ENV::CERTUSAGE
17# The address must be provided in the CERTIP environment variable 18# The address must be provided in the CERTIP environment variable
18[x509v3_IPAddr] 19[x509v3_IPAddr]
19subjectAltName=IP:$ENV::CERTIP 20subjectAltName=IP:$ENV::CERTIP
21
22# This section should be referenced to add a FQDN hostname
23# as an alternate subject name, needed by isakmpd
24# The address must be provided in the CERTFQDN environment variable
25[x509v3_FQDN]
26subjectAltName=DNS:$ENV::CERTFQDN
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 02:00:05 +0000