diff options
author | Othmar Gsenger <otti@anytun.org> | 2007-07-30 19:37:53 +0000 |
---|---|---|
committer | Othmar Gsenger <otti@anytun.org> | 2007-07-30 19:37:53 +0000 |
commit | 6585e5ad764ee2414d9b01f30784b6549bc8f58e (patch) | |
tree | 4ea258d5327838363dc3ac66d09ecc94686f3e26 /keyexchange/isakmpd-20041012/x509v3.cnf | |
parent | ripe requests, final (diff) |
added keyexchange
Diffstat (limited to 'keyexchange/isakmpd-20041012/x509v3.cnf')
-rw-r--r-- | keyexchange/isakmpd-20041012/x509v3.cnf | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/keyexchange/isakmpd-20041012/x509v3.cnf b/keyexchange/isakmpd-20041012/x509v3.cnf new file mode 100644 index 0000000..1e98444 --- /dev/null +++ b/keyexchange/isakmpd-20041012/x509v3.cnf @@ -0,0 +1,26 @@ +# default settings +CERTPATHLEN = 1 +CERTUSAGE = digitalSignature,keyCertSign +CERTIP = 0.0.0.0 +CERTFQDN = nohost.nodomain + +# This section should be referenced when building an x509v3 CA +# Certificate. +# The default path length and the key usage can be overriden +# modified by setting the CERTPATHLEN and CERTUSAGE environment +# variables. +[x509v3_CA] +basicConstraints=critical,CA:true,pathlen:$ENV::CERTPATHLEN +keyUsage=$ENV::CERTUSAGE + +# This section should be referenced to add an IP Address +# as an alternate subject name, needed by isakmpd +# The address must be provided in the CERTIP environment variable +[x509v3_IPAddr] +subjectAltName=IP:$ENV::CERTIP + +# This section should be referenced to add a FQDN hostname +# as an alternate subject name, needed by isakmpd +# The address must be provided in the CERTFQDN environment variable +[x509v3_FQDN] +subjectAltName=DNS:$ENV::CERTFQDN |