X-Git-Url: https://git.cyclocoop.org/?p=lhc%2Fateliers.git;a=blobdiff_plain;f=etc%2Fopenssl%2Fsympa.heureux-cyclage.org%2Fhost.cfg;h=dc744bd0c8a58240e544fd7e0a3861daa9c1a378;hp=652ecb46056dc90e0b2a38968e0cd41465e01c4a;hb=2fd26e163d4e719e78eea7576d1d65e25d85941b;hpb=b27661cf8e40872543f86a00922d18573ef83612

diff --git a/etc/openssl/sympa.heureux-cyclage.org/host.cfg b/etc/openssl/sympa.heureux-cyclage.org/host.cfg
index 652ecb4..dc744bd 100644
--- a/etc/openssl/sympa.heureux-cyclage.org/host.cfg
+++ b/etc/openssl/sympa.heureux-cyclage.org/host.cfg
@@ -25,9 +25,9 @@
 	jurisdictionOfIncorporationStateOrProvinceName = $ENV::x509_state_or_province
 	jurisdictionOfIncorporationCountryName         = $ENV::x509_country
 [ extensions ]
-	basicConstraints       = critical,CA:TRUE,pathlen:0
-	keyUsage               = keyCertSign,cRLSign,digitalSignature,keyEncipherment
-	subjectAltName         = email:contact+$SERVICE@$ENV::x509_host,DNS:$SERVICE.$ENV::x509_host
+	basicConstraints       = critical,CA:FALSE,pathlen:0
+	keyUsage               = keyEncipherment
+	subjectAltName         = email:contact+$SERVICE@$ENV::x509_host,DNS:$SERVICE.$ENV::x509_host,DNS:$SERVICE.cyclocoop.org,DNS:$SERVICE.cyclocoop.heureux-cyclage.org,DNS:$SERVICE.lesjantesdunord.org,DNS:$SERVICE.lesjantesdunord.heureux-cyclage.org,DNS:$SERVICE.ptitvelo.net,DNS:$SERVICE.ptitvelo.heureux-cyclage.org
 	subjectKeyIdentifier   = hash
 	issuerAltName          = issuer:copy
 	authorityKeyIdentifier = keyid:always,issuer:always
@@ -37,7 +37,7 @@
 [ self_signed_extensions ]
 	basicConstraints       = critical,CA:TRUE,pathlen:0
 	keyUsage               = keyCertSign,cRLSign,digitalSignature,keyEncipherment
-	subjectAltName         = email:contact+$SERVICE@$ENV::x509_host,DNS:$SERVICE.$ENV::x509_host
+	subjectAltName         = email:contact+$SERVICE@$ENV::x509_host,DNS:$SERVICE.$ENV::x509_host,DNS:$SERVICE.cyclocoop.org,DNS:$SERVICE.cyclocoop.heureux-cyclage.org,DNS:$SERVICE.lesjantesdunord.org,DNS.$SERVICE.lesjantesdunord.heureux-cyclage.org,DNS:$SERVICE.ptitvelo.net,DNS:$SERVICE.ptitvelo.heureux-cyclage.org
 	subjectKeyIdentifier   = hash
 	issuerAltName          = issuer:copy
 	authorityKeyIdentifier = keyid:always,issuer:always