dépôts / lhc / ateliers.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Ajout : roundcube.
[lhc/ateliers.git] / etc / openssl / smtpd.heureux-cyclage.org / host.cfg
1 SERVICE = smtpd
2 RANDFILE = var/sec/x509/openssl.rand
3 oid_section = extra_oids
4 [ extra_oids ]
5 # NOTE: pour une éventuelle validation étendue (Extended Validation (EV))
6 jurisdictionOfIncorporationLocalityName = 1.3.6.1.4.1.311.60.2.1.1
7 jurisdictionOfIncorporationStateOrProvinceName = 1.3.6.1.4.1.311.60.2.1.2
8 jurisdictionOfIncorporationCountryName = 1.3.6.1.4.1.311.60.2.1.3
9 [ req ]
10 prompt = no
11 distinguished_name = distinguished_name
12 string_mask = pkix
13 #x509_extensions = root_extensions
14 #req_extensions = extension
15 #attributes = req_attributes
16 [ distinguished_name ]
17 countryName = $ENV::x509_country
18 stateOrProvinceName = $ENV::x509_state_or_province
19 localityName = $ENV::x509_state_or_province
20 0.organizationName = $ENV::x509_organization
21 organizationalUnitName = Service SMTP (serveur)
22 commonName = $SERVICE.$ENV::x509_host
23 businessCategory = $ENV::x509_business_category
24 jurisdictionOfIncorporationLocalityName = $ENV::x509_state_or_province
25 jurisdictionOfIncorporationStateOrProvinceName = $ENV::x509_state_or_province
26 jurisdictionOfIncorporationCountryName = $ENV::x509_country
27 [ extensions ]
28 basicConstraints = critical,CA:TRUE,pathlen:0
29 keyUsage = keyCertSign,cRLSign,digitalSignature,keyEncipherment
30 subjectAltName = email:contact+$SERVICE@$ENV::x509_host,DNS:$SERVICE.$ENV::x509_host,DNS:smtp.$ENV::x509_host,DNS:submission.$ENV::x509_host,DNS:smtps.$ENV::x509_host,DNS:mail.$ENV::x509_host,DNS:$SERVICE.cyclocoop.org,DNS:smtp.cyclocoop.org,DNS:submission.cyclocoop.org,DNS:smtps.cyclocoop.org,DNS:mail.cyclocoop.org
31 subjectKeyIdentifier = hash
32 issuerAltName = issuer:copy
33 authorityKeyIdentifier = keyid:always,issuer:always
34 authorityInfoAccess = caIssuers;URI:http://www.$ENV::x509_host/x509/crt.pem
35 crlDistributionPoints = URI:http://www.$ENV::x509_host/x509/$SERVICE/crl.pem
36 certificatePolicies = @certificate_policies
37 [ self_signed_extensions ]
38 basicConstraints = critical,CA:TRUE,pathlen:0
39 keyUsage = keyCertSign,cRLSign,digitalSignature,keyEncipherment
40 subjectAltName = email:contact+$SERVICE@$ENV::x509_host,DNS:$SERVICE.$ENV::x509_host,DNS:smtp.$ENV::x509_host,DNS:submission.$ENV::x509_host,DNS:smtps.$ENV::x509_host,DNS:mail.$ENV::x509_host,DNS:$SERVICE.cyclocoop.org,DNS:smtp.cyclocoop.org,DNS:submission.cyclocoop.org,DNS:smtps.cyclocoop.org,DNS:mail.cyclocoop.org
41 subjectKeyIdentifier = hash
42 issuerAltName = issuer:copy
43 authorityKeyIdentifier = keyid:always,issuer:always
44 authorityInfoAccess = caIssuers;URI:http://www.$ENV::x509_host/x509/$SERVICE/crt.pem
45 crlDistributionPoints = URI:http://www.$ENV::x509_host/x509/$SERVICE/crl.pem
46 [ user_extensions ]
47 basicConstraints = critical,CA:FALSE,pathlen:0
48 keyUsage = digitalSignature,keyEncipherment
49 subjectAltName = email:$ENV::user@$ENV::x509_host
50 subjectKeyIdentifier = hash
51 issuerAltName = issuer:copy
52 authorityKeyIdentifier = keyid:always,issuer:always
53 authorityInfoAccess = caIssuers;URI:http://www.$ENV::x509_host/x509/$SERVICE/crt.pem
54 [ certificate_policies ]
55 policyIdentifier = 1.2.250.1.42
56 CPS.1 = https://www.$ENV::x509_host/x509/cps
57 [ ca ]
58 private_key = var/sec/x509/$ENV::x509/key.pem
59 dir = var/pub/x509/$ENV::x509
60 crl_dir = $dir
61 crlnumber = $dir/crl.num
62 crl = $dir/crl.pem
63 database = $dir/idx.txt
64 [ self_signed_ca ]
65 private_key = var/sec/x509/$ENV::x509/key.pem
66 dir = var/pub/x509/$ENV::x509
67 crl_dir = $dir
68 crlnumber = $dir/crl.self-signed.num
69 crl = $dir/crl.self-signed.pem
70 database = $dir/idx.self-signed.txt
outils d'administration d'ateliers.heureux-cyclage.org