| Index: net/tools/quic/certs/ca.cnf
|
| diff --git a/net/data/ssl/scripts/ca.cnf b/net/tools/quic/certs/ca.cnf
|
| similarity index 79%
|
| copy from net/data/ssl/scripts/ca.cnf
|
| copy to net/tools/quic/certs/ca.cnf
|
| index 1b78e01985e3f332c890c7c1f90ad34c92373677..f3bc3cbabe04f9caad675bc8d751c00edb499b29 100644
|
| --- a/net/data/ssl/scripts/ca.cnf
|
| +++ b/net/tools/quic/certs/ca.cnf
|
| @@ -44,22 +44,6 @@ authorityKeyIdentifier = keyid:always
|
| extendedKeyUsage = serverAuth,clientAuth
|
| subjectAltName = @san_name_constraint_bad
|
|
|
| -[name_constraint_good]
|
| -# A leaf cert that will match the root's imposed name constraints
|
| -basicConstraints = critical, CA:false
|
| -subjectKeyIdentifier = hash
|
| -authorityKeyIdentifier = keyid:always
|
| -extendedKeyUsage = serverAuth,clientAuth
|
| -subjectAltName = @san_name_constraint_good
|
| -
|
| -[san_name_constraint_bad]
|
| -DNS.1 = test.ExAmPlE.CoM
|
| -DNS.2 = test.ExAmPlE.OrG
|
| -
|
| -[san_name_constraint_good]
|
| -DNS.1 = test.ExAmPlE.CoM
|
| -DNS.2 = example.notarealtld
|
| -
|
| [ca_cert]
|
| # Extensions to add when signing a request for an intermediate/CA cert
|
| basicConstraints = critical, CA:true
|
| @@ -94,22 +78,8 @@ encrypt_key = no
|
| distinguished_name = $ENV::CA_NAME
|
| x509_extensions = req_ca_exts
|
|
|
| -[req_ca_dn]
|
| -C = US
|
| -ST = California
|
| -L = Mountain View
|
| -O = Test CA
|
| -CN = Test Root CA
|
| -
|
| -[req_intermediate_dn]
|
| -C = US
|
| -ST = California
|
| -L = Mountain View
|
| -O = Test CA
|
| -CN = Test Intermediate CA
|
| -
|
| [req_env_dn]
|
| -CN = $ENV::CA_COMMON_NAME
|
| +CN = QUIC Server Root CA
|
|
|
| [req_ca_exts]
|
| basicConstraints = critical, CA:true
|
|
|
Chromium Code Reviews
Issue 1330223003:
Add scripts for generating certs to be used with the quic_server (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master