dépôts / lhc / ateliers.git / blob
? search:


f609c993942a4b6e094200725d0e3718d92d26e5
[lhc/ateliers.git] / etc / openssl / service / smptd.cfg
1 SERVICE = smtpd
2 HOME = .
3 RANDFILE = $HOME/var/rand
4 oid_section = extra_oids
5 [ extra_oids ]
6 # Pour la validation étendue (Extended Validation (EV))
7 jurisdictionOfIncorporationLocalityName = 1.3.6.1.4.1.311.60.2.1.1
8 jurisdictionOfIncorporationStateOrProvinceName = 1.3.6.1.4.1.311.60.2.1.2
9 jurisdictionOfIncorporationCountryName = 1.3.6.1.4.1.311.60.2.1.3
10 [ req ]
11 prompt = no
12 distinguished_name = service_distinguished_name
13 string_mask = pkix
14 #x509_extensions = root_extensions
15 #req_extensions = service_extension
16 #attributes = req_attributes
17 [ service_distinguished_name ]
18 countryName = $ENV::x509_country
19 stateOrProvinceName = $ENV::x509_state_or_province
20 localityName = $ENV::x509_state_or_province
21 0.organizationName = $ENV::x509_organization
22 organizationalUnitName = Service SMTP (serveur)
23 commonName = $SERVICE.$ENV::x509_host
24 businessCategory = $ENV::x509_business_category
25 jurisdictionOfIncorporationLocalityName = $ENV::x509_state_or_province
26 jurisdictionOfIncorporationStateOrProvinceName = $ENV::x509_state_or_province
27 jurisdictionOfIncorporationCountryName = $ENV::x509_country
28 [ service_extensions ]
29 basicConstraints = critical,CA:TRUE,pathlen:0
30 keyUsage = keyCertSign,cRLSign,digitalSignature,keyEncipherment
31 subjectAltName = email:contact+$SERVICE@$ENV::x509_host,DNS:$SERVICE.$ENV::x509_host,DNS:smtp.$ENV::x509_host,DNS:submission.$ENV::x509_host,DNS:smtps.$ENV::x509_host
32 subjectKeyIdentifier = hash
33 issuerAltName = issuer:copy
34 authorityKeyIdentifier = keyid:always,issuer:always
35 authorityInfoAccess = caIssuers;URI:http://www.$ENV::x509_host/tls/crt.pem
36 crlDistributionPoints = URI:http://www.$ENV::x509_host/tls/$SERVICE/crl.pem
37 certificatePolicies = @service_certificate_policies
38 [ service_self_signed_extensions ]
39 basicConstraints = critical,CA:TRUE,pathlen:0
40 keyUsage = keyCertSign,cRLSign,digitalSignature,keyEncipherment
41 subjectAltName = email:contact+$SERVICE@$ENV::x509_host,DNS:$SERVICE.$ENV::x509_host,DNS:smtp.$ENV::x509_host,DNS:submission.$ENV::x509_host,DNS:smtps.$ENV::x509_host
42 subjectKeyIdentifier = hash
43 issuerAltName = issuer:copy
44 authorityKeyIdentifier = keyid:always,issuer:always
45 authorityInfoAccess = caIssuers;URI:http://www.$ENV::x509_host/tls/$SERVICE/crt.pem
46 crlDistributionPoints = URI:http://www.$ENV::x509_host/tls/$SERVICE/crl.pem
47 [ user_extensions ]
48 basicConstraints = critical,CA:FALSE,pathlen:0
49 keyUsage = digitalSignature,keyEncipherment
50 subjectAltName = email:$ENV::x509_user@$ENV::x509_host
51 subjectKeyIdentifier = hash
52 issuerAltName = issuer:copy
53 authorityKeyIdentifier = keyid:always,issuer:always
54 authorityInfoAccess = caIssuers;URI:http://www.$ENV::x509_host/tls/$SERVICE/crt.pem
55 [ service_certificate_policies ]
56 policyIdentifier = 1.2.250.1.42
57 CPS.1 = https://www.$ENV::x509_host/tls/cps
58 [ service_ca ]
59 dir = $HOME/var/lib/x509/service/$SERVICE
60 crl_dir = $dir
61 crlnumber = $dir/crl.num
62 crl = $dir/crl.pem
63 private_key = $dir/key.pem
64 database = $dir/idx.txt
65 [ service_self_signed_ca ]
66 dir = $HOME/var/lib/x509/service/$SERVICE
67 crl_dir = $dir
68 crlnumber = $dir/crl.self-signed.num
69 crl = $dir/crl.self-signed.pem
70 database = $dir/idx.self-signed.txt
71 private_key = $dir/key.pem
outils d'administration d'ateliers.heureux-cyclage.org