summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/libssl/x509v3.cnf3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/lib/libssl/x509v3.cnf b/src/lib/libssl/x509v3.cnf
index 5835534b96..8c6b775da1 100644
--- a/src/lib/libssl/x509v3.cnf
+++ b/src/lib/libssl/x509v3.cnf
@@ -1,6 +1,7 @@
1# default settings 1# default settings
2CERTPATHLEN = 1 2CERTPATHLEN = 1
3CERTUSAGE = digitalSignature,keyCertSign,cRLSign 3CERTUSAGE = digitalSignature,keyCertSign,cRLSign
4EXTCERTUSAGE = serverAuth,clientAuth
4CERTIP = 0.0.0.0 5CERTIP = 0.0.0.0
5CERTFQDN = nohost.nodomain 6CERTFQDN = nohost.nodomain
6 7
@@ -18,9 +19,11 @@ keyUsage=$ENV::CERTUSAGE
18# The address must be provided in the CERTIP environment variable 19# The address must be provided in the CERTIP environment variable
19[x509v3_IPAddr] 20[x509v3_IPAddr]
20subjectAltName=IP:$ENV::CERTIP 21subjectAltName=IP:$ENV::CERTIP
22extendedKeyUsage=$ENV::EXTCERTUSAGE
21 23
22# This section should be referenced to add a FQDN hostname 24# This section should be referenced to add a FQDN hostname
23# as an alternate subject name, needed by isakmpd 25# as an alternate subject name, needed by isakmpd
24# The address must be provided in the CERTFQDN environment variable 26# The address must be provided in the CERTFQDN environment variable
25[x509v3_FQDN] 27[x509v3_FQDN]
26subjectAltName=DNS:$ENV::CERTFQDN 28subjectAltName=DNS:$ENV::CERTFQDN
29extendedKeyUsage=$ENV::EXTCERTUSAGE
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 14:32:14 +0000