From: Georg Höllrigl Date: Fri, 12 Feb 2021 18:26:20 +0000 (+0100) Subject: rfc2606 compliant example domains for x509v3_config.pod X-Git-Tag: openssl-3.0.0-alpha13~260 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=458d168cd48ab57ffd8e6c8322073e4a77d03d26;p=thirdparty%2Fopenssl.git rfc2606 compliant example domains for x509v3_config.pod Reviewed-by: Ben Kaduk Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/14210) --- diff --git a/doc/man5/x509v3_config.pod b/doc/man5/x509v3_config.pod index a32e70c3e7d..f8bc6d0ff19 100644 --- a/doc/man5/x509v3_config.pod +++ b/doc/man5/x509v3_config.pod @@ -79,8 +79,8 @@ section. In this example: subjectAltName = @alt_section [alt_section] - email = steve@here - email = steve@there + email = steve@example.com + email = steve@example.org will only recognize the last value. To specify multiple values append a numeric identifier, as shown here: @@ -89,8 +89,8 @@ numeric identifier, as shown here: subjectAltName = @alt_section [alt_section] - email.1 = steve@here - email.2 = steve@there + email.1 = steve@example.com + email.2 = steve@example.org The syntax of raw extensions is defined by the source code that parses the extension but should be documened. @@ -237,13 +237,13 @@ using the syntax in L. Examples: - subjectAltName = email:copy, email:my@other.address, URI:http://my.url.here/ + subjectAltName = email:copy, email:my@example.com, URI:http://my.example.com/ subjectAltName = IP:192.168.7.1 subjectAltName = IP:13::17 - subjectAltName = email:my@other.address, RID:1.2.3.4 + subjectAltName = email:my@example.com, RID:1.2.3.4 subjectAltName = otherName:1.2.3.4;UTF8:some other identifier @@ -292,9 +292,9 @@ B (CA Repository). Examples: - authorityInfoAccess = OCSP;URI:http://ocsp.my.host/,caIssuers;URI:http://my.ca/ca.cer + authorityInfoAccess = OCSP;URI:http://ocsp.example.com/,caIssuers;URI:http://myca.example.com/ca.cer - authorityInfoAccess = OCSP;URI:http://ocsp.my.host/ + authorityInfoAccess = OCSP;URI:http://ocsp.example.com/ =head2 CRL distribution points @@ -338,9 +338,9 @@ Only one of B or B should be specified. Simple examples: - crlDistributionPoints = URI:http://myhost.com/myca.crl + crlDistributionPoints = URI:http://example.com/myca.crl - crlDistributionPoints = URI:http://my.com/my.crl, URI:http://oth.com/my.crl + crlDistributionPoints = URI:http://example.com/myca.crl, URI:http://example.org/my.crl Full distribution point example: @@ -348,7 +348,7 @@ Full distribution point example: crlDistributionPoints = crldp1_section [crldp1_section] - fullname = URI:http://myhost.com/myca.crl + fullname = URI:http://example.com/myca.crl CRLissuer = dirName:issuer_sect reasons = keyCompromise, CACompromise @@ -394,7 +394,7 @@ Example: issuingDistributionPoint = critical, @idp_section [idp_section] - fullname = URI:http://myhost.com/myca.crl + fullname = URI:http://example.com/myca.crl indirectCRL = TRUE onlysomereasons = keyCompromise, CACompromise @@ -437,8 +437,8 @@ Example: [polsect] policyIdentifier = 1.3.5.8 - CPS.1 = "http://my.host.name/" - CPS.2 = "http://my.your.name/" + CPS.1 = "http://my.host.example.com/" + CPS.2 = "http://my.your.example.com/" userNotice.1 = @notice [notice] @@ -483,7 +483,7 @@ Examples: nameConstraints = permitted;IP:192.168.0.0/255.255.0.0 - nameConstraints = permitted;email:.somedomain.com + nameConstraints = permitted;email:.example.com nameConstraints = excluded;email:.com