From 5350d20c661ce6484258b9c95d65c215de6bae48 Mon Sep 17 00:00:00 2001
From: ho <>
Date: Tue, 11 Dec 2001 20:24:53 +0000
Subject: FQDN subjectAltName in certs, used in isakmpd(8) examples. beck@ ok.

---
 src/lib/libssl/x509v3.cnf | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/lib/libssl/x509v3.cnf b/src/lib/libssl/x509v3.cnf
index f1e3c741bc..e430088671 100644
--- a/src/lib/libssl/x509v3.cnf
+++ b/src/lib/libssl/x509v3.cnf
@@ -2,6 +2,7 @@
 CERTPATHLEN		= 1
 CERTUSAGE		= digitalSignature,keyCertSign
 CERTIP			= 0.0.0.0
+CERTFQDN		= nohost.nodomain
 
 # This section should be referenced when building an x509v3 CA
 # Certificate.
@@ -17,3 +18,9 @@ keyUsage=$ENV::CERTUSAGE
 # The address must be provided in the CERTIP environment variable
 [x509v3_IPAddr]
 subjectAltName=IP:$ENV::CERTIP
+
+# This section should be referenced to add a FQDN hostname
+# as an alternate subject name, needed by isakmpd
+# The address must be provided in the CERTFQDN environment variable
+[x509v3_FQDN]
+subjectAltName=DNS:$ENV::CERTFQDN
-- 
cgit v1.2.3-55-g6feb