To create new wiki account, please join us on #znc at Libera.Chat and ask admins to create a wiki account for you. You can say thanks to spambots for this inconvenience.

Template:ZNC-Versions and OpenSSL.cnf SelfSigned: Difference between pages

From ZNC
(Difference between pages)
Jump to navigation Jump to search
No edit summary
 
DoctorD90 (talk | contribs)
94 edits
Created page with " [default] default_md = sha512 name_opt = ca_default cert_opt = ca_default default_days = 375 policy = @policy_selfsigned [ re..."
 
Line 1: Line 1:
0.000
[default]
0.043
default_md        = sha512
0.044
name_opt          = ca_default
0.045
cert_opt          = ca_default
0.047
default_days      = 375
0.050
policy            = @policy_selfsigned
0.052
0.054
[ req ]
0.056
#Options from the [ req ] section are applied
0.058
#when creating certificates or certificate signing requests.
0.060
# Options for the `req` tool (`man req`).
0.062
default_bits        = 4096
0.064
distinguished_name  = req_selfsigned
0.066
string_mask        = utf8only
0.068
default_md          = sha512
0.070
0.072
0.074
[ req_selfsigned ]
0.076
# The [ req_dn ] section declares the information
0.078
# normally required in a certificate signing request.
0.080
# You can optionally specify some defaults.
0.090
# See <https://en.wikipedia.org/wiki/Certificate_signing_request>.
0.092
countryName                    = Country Name (2 letter code)
0.094
countryName_min                = 2
0.096
countryName_max                = 2
0.098
stateOrProvinceName            = State or Province Name (full name)
0.200
localityName                    = Locality Name (eg, city)
0.202
organizationName                = Organization Name (eg, company)
0.204
organizationalUnitName          = Organizational Unit Name (eg, section)
0.206
commonName                      = Common Name (e.g. server FQDN or YOUR name)
1.0
emailAddress                    = Email Address
1.2
1.4
# Optionally, specify some defaults.
1.6.0
countryName_default            = IT
1.6.1
stateOrProvinceName_default    = Italy
1.6.2
localityName_default            = Italy
1.6.3
organizationName_default        = ZNC.in
1.6.4
#organizationalUnitName_default  = ZNC Service
1.6.5
#commonName_default            = wiki.znc.in
1.6.6
emailAddress_default            = user [at] example [dot] com
1.7.0
1.7.1
[ policy_selfsigned ]
1.7.2
# See the POLICY FORMAT section of the `ca` man page.
1.7.3
countryName            = optional
1.7.4
stateOrProvinceName    = optional
1.7.5
localityName            = optional
1.8.0
organizationName        = optional
git
organizationalUnitName  = optional
commonName              = optional
emailAddress            = optional
[ usr_cert ]
# We’ll apply the usr_cert extension when signing client certificates,
# such as those used for remote user authentication.
# Extensions for client certificates (`man x509v3_config`).
basicConstraints = critical, CA:FALSE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always, issuer:always
keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment, keyAgreement
extendedKeyUsage = critical, clientAuth, emailProtection, codeSigning
[ server_cert ]
# We’ll apply the server_cert extension when signing server certificates,
# such as those used for web servers.
# Extensions for server certificates (`man x509v3_config`).
basicConstraints = critical, CA:FALSE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always, issuer:always
keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment, keyAgreement
extendedKeyUsage = critical, serverAuth

Revision as of 18:03, 23 August 2021

[default]
default_md        = sha512
name_opt          = ca_default
cert_opt          = ca_default
default_days      = 375
policy            = @policy_selfsigned

[ req ]
#Options from the [ req ] section are applied
#when creating certificates or certificate signing requests.
# Options for the `req` tool (`man req`).
default_bits        = 4096
distinguished_name  = req_selfsigned
string_mask         = utf8only
default_md          = sha512


[ req_selfsigned ]
# The [ req_dn ] section declares the information
# normally required in a certificate signing request.
# You can optionally specify some defaults.
# See <https://en.wikipedia.org/wiki/Certificate_signing_request>.
countryName                     = Country Name (2 letter code)
countryName_min                 = 2
countryName_max                 = 2
stateOrProvinceName             = State or Province Name (full name)
localityName                    = Locality Name (eg, city)
organizationName                = Organization Name (eg, company)
organizationalUnitName          = Organizational Unit Name (eg, section)
commonName                      = Common Name (e.g. server FQDN or YOUR name)
emailAddress                    = Email Address

# Optionally, specify some defaults.
countryName_default             = IT
stateOrProvinceName_default     = Italy
localityName_default            = Italy
organizationName_default        = ZNC.in
#organizationalUnitName_default  = ZNC Service
#commonName_default             = wiki.znc.in
emailAddress_default            = user [at] example [dot] com

[ policy_selfsigned ]
# See the POLICY FORMAT section of the `ca` man page.
countryName             = optional
stateOrProvinceName     = optional
localityName            = optional
organizationName        = optional
organizationalUnitName  = optional
commonName              = optional
emailAddress            = optional

[ usr_cert ]
# We’ll apply the usr_cert extension when signing client certificates,
# such as those used for remote user authentication.
# Extensions for client certificates (`man x509v3_config`).
basicConstraints = critical, CA:FALSE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always, issuer:always
keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment, keyAgreement
extendedKeyUsage = critical, clientAuth, emailProtection, codeSigning

[ server_cert ]
# We’ll apply the server_cert extension when signing server certificates,
# such as those used for web servers.
# Extensions for server certificates (`man x509v3_config`).
basicConstraints = critical, CA:FALSE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always, issuer:always
keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment, keyAgreement
extendedKeyUsage = critical, serverAuth
Retrieved from "https://wiki.znc.in/index.php?title=Template:ZNC-Versions&oldid=2929"