X-Git-Url: https://git.cyclocoop.org/?a=blobdiff_plain;f=etc%2Fopenssl%2Fservice%2Fimap.cfg;fp=etc%2Fopenssl%2Fservice%2Fimap.cfg;h=0000000000000000000000000000000000000000;hb=deeba8cf50893362d5af7bed3e94119e430af487;hp=111918498dcb9f1ea1c64f65a2b8ae2fe5a9ad51;hpb=99a36d394e71f3ea03c530c1e6f33666e39039fc;p=lhc%2Fateliers.git diff --git a/etc/openssl/service/imap.cfg b/etc/openssl/service/imap.cfg deleted file mode 100644 index 1119184..0000000 --- a/etc/openssl/service/imap.cfg +++ /dev/null @@ -1,71 +0,0 @@ - SERVICE = imap - HOME = . - RANDFILE = var/sec/x509/openssl.rand - oid_section = extra_oids -[ extra_oids ] - # NOTE: pour une éventuelle validation étendue (Extended Validation (EV)) - jurisdictionOfIncorporationLocalityName = 1.3.6.1.4.1.311.60.2.1.1 - jurisdictionOfIncorporationStateOrProvinceName = 1.3.6.1.4.1.311.60.2.1.2 - jurisdictionOfIncorporationCountryName = 1.3.6.1.4.1.311.60.2.1.3 -[ req ] - prompt = no - distinguished_name = service_distinguished_name - string_mask = pkix - #x509_extensions = root_extensions - #req_extensions = service_extension - #attributes = req_attributes -[ service_distinguished_name ] - countryName = $ENV::x509_country - stateOrProvinceName = $ENV::x509_state_or_province - localityName = $ENV::x509_state_or_province - 0.organizationName = $ENV::x509_organization - organizationalUnitName = Service IMAP - commonName = $SERVICE.$ENV::x509_host - businessCategory = $ENV::x509_business_category - jurisdictionOfIncorporationLocalityName = $ENV::x509_state_or_province - jurisdictionOfIncorporationStateOrProvinceName = $ENV::x509_state_or_province - jurisdictionOfIncorporationCountryName = $ENV::x509_country -[ service_extensions ] - basicConstraints = critical,CA:FALSE - keyUsage = digitalSignature,keyEncipherment - subjectAltName = email:contact+$SERVICE@$ENV::x509_host,DNS:$SERVICE.$ENV::x509_host - subjectKeyIdentifier = hash - issuerAltName = issuer:copy - authorityKeyIdentifier = keyid:always,issuer:always - authorityInfoAccess = caIssuers;URI:http://www.$ENV::x509_host/x509/crt.pem - crlDistributionPoints = URI:http://www.$ENV::x509_host/x509/$SERVICE/crl.pem - certificatePolicies = @service_certificate_policies -[ service_self_signed_extensions ] - basicConstraints = critical,CA:TRUE,pathlen:0 - keyUsage = keyCertSign,cRLSign,digitalSignature,keyEncipherment - subjectAltName = email:contact+$SERVICE@$ENV::x509_host,DNS:$SERVICE.$ENV::x509_host - subjectKeyIdentifier = hash - issuerAltName = issuer:copy - authorityKeyIdentifier = keyid:always,issuer:always - authorityInfoAccess = caIssuers;URI:http://www.$ENV::x509_host/x509/$SERVICE/crt.pem - crlDistributionPoints = URI:http://www.$ENV::x509_host/x509/$SERVICE/crl.self-signed.pem -[ user_extensions ] - basicConstraints = critical,CA:FALSE,pathlen:0 - keyUsage = digitalSignature,keyEncipherment - subjectAltName = email:$ENV::USER@$ENV::x509_host - subjectKeyIdentifier = hash - issuerAltName = issuer:copy - authorityKeyIdentifier = keyid:always,issuer:always - authorityInfoAccess = caIssuers;URI:http://www.$ENV::x509_host/x509/$SERVICE/crt.pem -[ service_certificate_policies ] - policyIdentifier = 1.2.250.1.42 - CPS.1 = https://www.$ENV::x509_host/x509/cps -[ service_ca ] - private_key = $HOME/var/sec/x509/service/$SERVICE/key.pem - dir = $HOME/var/pub/x509/service/$SERVICE - crl_dir = $dir - crlnumber = $dir/crl.num - crl = $dir/crl.pem - database = $dir/idx.txt -[ service_self_signed_ca ] - private_key = $HOME/var/sec/x509/service/$SERVICE/key.pem - dir = $HOME/var/pub/x509/service/$SERVICE - crl_dir = $dir - crlnumber = $dir/crl.self-signed.num - crl = $dir/crl.self-signed.pem - database = $dir/idx.self-signed.txt