summaryrefslogtreecommitdiffstats
path: root/src/test/ssl/conf/server-cn-and-ip-alt-names.config
diff options
context:
space:
mode:
Diffstat (limited to 'src/test/ssl/conf/server-cn-and-ip-alt-names.config')
-rw-r--r--src/test/ssl/conf/server-cn-and-ip-alt-names.config24
1 files changed, 24 insertions, 0 deletions
diff --git a/src/test/ssl/conf/server-cn-and-ip-alt-names.config b/src/test/ssl/conf/server-cn-and-ip-alt-names.config
new file mode 100644
index 0000000..a6fa09b
--- /dev/null
+++ b/src/test/ssl/conf/server-cn-and-ip-alt-names.config
@@ -0,0 +1,24 @@
+# An OpenSSL format CSR config file for creating a server certificate.
+#
+# This certificate contains a CN and SANs for both IPv4 and IPv6.
+
+
+[ req ]
+distinguished_name = req_distinguished_name
+req_extensions = v3_req
+prompt = no
+
+[ req_distinguished_name ]
+# Note: According to RFC 2818 and 6125, the CN is ignored, when DNS names are
+# present in the SANs. But they are silent on whether the CN is checked when IP
+# addresses are present.
+CN = common-name.pg-ssltest.test
+OU = PostgreSQL test suite
+
+# For Subject Alternative Names
+[ v3_req ]
+subjectAltName = @alt_names
+
+[ alt_names ]
+IP.1 = 192.0.2.1
+IP.2 = 2001:DB8::1
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-07 01:30:46 +0000