Files
@ 449e6423959c
Branch filter:
Location: majic-ansible-roles/testsite/tls/gnutls_server_certificate.cfg.j2 - annotation
449e6423959c
926 B
text/plain
MAR-151: Added support for Debian 10 Buster to xmpp_server role:
- Updated role reference documentaiton.
- Updated role meta information.
- Updated tests.
- Enable lower-level TLS protocols (1.0/1.1) in global OpenSSL
configuration file on Buster in order to be able to test the
xmpp_server_tls_protocol parameter (otherwise Prosody completely
refuses to use them even if listed in its configuration).
- Move stretch-specific tests into its own file (for backported
lua-ldap library), and run them on Debian 9 Stretch machines only.
- Updated role reference documentaiton.
- Updated role meta information.
- Updated tests.
- Enable lower-level TLS protocols (1.0/1.1) in global OpenSSL
configuration file on Buster in order to be able to test the
xmpp_server_tls_protocol parameter (otherwise Prosody completely
refuses to use them even if listed in its configuration).
- Move stretch-specific tests into its own file (for backported
lua-ldap library), and run them on Debian 9 Stretch machines only.
052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 70733167cdf8 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 70733167cdf8 2ded0cbae449 2ded0cbae449 2ded0cbae449 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 884beb9a0e1d 884beb9a0e1d 884beb9a0e1d 884beb9a0e1d 884beb9a0e1d | # X.509 Certificate options
#
# DN options
# The organization of the subject.
organization = "Example Inc."
# The country of the subject. Two letter code.
country = SE
# The common name of the certificate owner.
cn = "Exampe Inc. {{ item.name }} Server"
# In how many days, counting from today, this certificate will expire.
expiration_days = 365
# X.509 v3 extensions
# A dnsname in case of a WWW server.
dns_name = "{{ item.hostname }}.{{ testsite_domain }}"
{% for dns_name in item.extra_dns_names | default([]) %}
dns_name = "{{ dns_name }}"
{% endfor %}
# Whether this certificate will be used for a TLS server
tls_www_server
# Whether this certificate will be used to sign data (needed
# in TLS DHE ciphersuites).
signing_key
# Whether this certificate will be used to encrypt data (needed
# in TLS RSA ciphersuites). Note that it is preferred to use different
# keys for encryption and signing.
encryption_key
|