diff options
| author | Hakan Olsson <ho@cvs.openbsd.org> | 2001-12-11 20:24:54 +0000 |
|---|---|---|
| committer | Hakan Olsson <ho@cvs.openbsd.org> | 2001-12-11 20:24:54 +0000 |
| commit | 5950a0e871c2325da4c101d1c386ac5e4e76625a (patch) | |
| tree | 53014c339b1f69b25c14167290cc986abb8638a3 /lib | |
| parent | bcdc67875d523e8b0b2a251e2e7deb7a8c717756 (diff) | |
FQDN subjectAltName in certs, used in isakmpd(8) examples. beck@ ok.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libssl/x509v3.cnf | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/libssl/x509v3.cnf b/lib/libssl/x509v3.cnf index f1e3c741bcb..e4300886710 100644 --- a/lib/libssl/x509v3.cnf +++ b/lib/libssl/x509v3.cnf @@ -2,6 +2,7 @@ CERTPATHLEN = 1 CERTUSAGE = digitalSignature,keyCertSign CERTIP = 0.0.0.0 +CERTFQDN = nohost.nodomain # This section should be referenced when building an x509v3 CA # Certificate. @@ -17,3 +18,9 @@ keyUsage=$ENV::CERTUSAGE # The address must be provided in the CERTIP environment variable [x509v3_IPAddr] subjectAltName=IP:$ENV::CERTIP + +# This section should be referenced to add a FQDN hostname +# as an alternate subject name, needed by isakmpd +# The address must be provided in the CERTFQDN environment variable +[x509v3_FQDN] +subjectAltName=DNS:$ENV::CERTFQDN |