https://bugs.contribs.org/show_bug.cgi?id=8685
--- Comment #4 from John Crisp <[email protected]> ---
OK,
I have merged up the existing code with the radicand fork which is now in my
git repo for testing
https://github.com/reetp/phpki
This now has default_md = 512 and -SHA256 in the REQ so should be more secure.
One thing I particularly wanted to do because Libreswan is complaining is to
add in more SubjectAltNames
In the v0.83+ code I have there is a patch to add more options for this, but it
ONLY appears to allow adding them if the cert_type=server
Are there any rules on what can be added to which type of certificate? Can they
be added to all types, or only some?
We have these types:
case 'server': <<< Additional DNS/IP Subject Alt Names allowed here
case 'email':
case 'email_signing':
case 'time_stamping':
case 'vpn_client_server':
case 'vpn_client':
case 'vpn_server':
I can add them to other types easily, but not sure which ones.
Suggestions appreciated.
The other thing I have to work out how to do is how to upgrade an existing
installation without breaking it.... !
--
You are receiving this mail because:
You are the QA Contact for the bug.
_______________________________________________
Mail for each SME Contribs bug report
To unsubscribe, e-mail [email protected]
Searchable archive at https://lists.contribs.org/mailman/public/contribteam/
